named and use of resolv.conf? - how to "learn" this
Evan Hunt
each at isc.org
Tue Aug 2 23:50:53 UTC 2016
On Tue, Aug 02, 2016 at 05:04:33PM -0400, Matthew Pounsett wrote:
> Yes it will. But, as far as I understand, it uses the recursive code paths
> to do that, and won't consult resolv.conf. Yes?
Correct. However, an option to use the system resolver for this instead
is a feature request we've been considering.
The reason: Whenever we find a security bug that affects recursive
operation only, someone who runs an auth-only server inevitably asks
whether their system is affected, and we always have to say, "well,
*probably* not, but recursive code *is* sometimes used in authoritative
servers in order to blah blah etc" and it might be nice to just say no.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list