[1578] in WWW Security List Archive


Re: _DNS_ security problems

daemon@ATHENA.MIT.EDU (Rich Salz)
Sun Mar 3 20:02:42 1996

From: Rich Salz <rsalz@osf.org>
Date: Sun, 3 Mar 1996 17:41:49 -0500
To: smb@research.att.com, strombrg@hydra.acs.uci.edu
Cc: ekr@terisa.com, rsalz@osf.org, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu

>API's should do reasonable things with illegal inputs

Perhaps, but taken to some extreme this goes against the spirit of C.
What should the following do?
	fclose(NULL);
	strcpy(NULL, "abc");
	sprintf(buff, "%s");

>syslog(), being an API, should do reasonable things with unreasonable
>inputs.

Sendmail, being a program that takes arbitrary input from the network,
should not ship it around to other API's blindly.

>The resolver routines, being an API, should do reasonable things with
>unreasonable inputs.

To the extent that the underlying DNS allows this, yes.  Doing forward
checks after gethostbyaddr is *not* the job of the API.  If
you think otherwise then you need to go learn more about DNS and what
security/integrity guarantees it does, and does not, provide.

> but to call it anything but a pitfall is clearly specious.

At least for the DNS case (gethostbyaddr/gethostbyname), you do not know
what you are talking about.  Sorry to be blunt, and perhaps rude, but
it's true.

I think this is my last word on this subject. :)
	/r$
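
The forward check after gethostbyaddr that the message above leaves to the caller rather than the resolver API, as an added example that is not part of the original post. The resolver hooks, function names and zone data are hypothetical and constructed so the check runs offline; a real caller would wrap gethostbyaddr() and gethostbyname() behind the hooks.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical resolver hooks: reverse (PTR) and forward (A) lookups. */
typedef const char *(*reverse_fn)(const char *addr);
typedef int (*forward_fn)(const char *name, const char **out, int max);

/* Return the PTR name only if its forward lookup lists addr, else NULL.
   Addresses are compared as strings here; real code compares binary form. */
const char *verified_peer_name(const char *addr, reverse_fn rev, forward_fn fwd)
{
    const char *addrs[8];
    const char *name = rev(addr);
    if (name == NULL) return NULL;   /* no PTR record */
    int n = fwd(name, addrs, 8);
    for (int i = 0; i < n; i++)
        if (strcmp(addrs[i], addr) == 0)
            return name;             /* forward data confirms the PTR claim */
    return NULL;                     /* name's owner does not list this address */
}

/* Constructed zones: PTR data is set by whoever controls the address block,
   A data by whoever controls the name. */
static const char *ptr_zone[][2] = {
    { "192.0.2.10",   "www.example.org" },      /* consistent */
    { "198.51.100.7", "trusted.example.org" },  /* PTR claims someone else's name */
};
static const char *a_zone[][2] = {
    { "www.example.org",     "192.0.2.10" },
    { "trusted.example.org", "192.0.2.20" },
};
const char *sample_reverse(const char *addr) {
    for (size_t i = 0; i < sizeof ptr_zone / sizeof ptr_zone[0]; i++)
        if (strcmp(ptr_zone[i][0], addr) == 0) return ptr_zone[i][1];
    return NULL;
}
int sample_forward(const char *name, const char **out, int max) {
    int n = 0;
    for (size_t i = 0; i < sizeof a_zone / sizeof a_zone[0] && n < max; i++)
        if (strcasecmp(a_zone[i][0], name) == 0) out[n++] = a_zone[i][1];
    return n;
}
int main(void) {
    const char *peers[] = { "192.0.2.10", "198.51.100.7", "203.0.113.5" };
    for (int i = 0; i < 3; i++) {
        const char *n = verified_peer_name(peers[i], sample_reverse, sample_forward);
        printf("%s -> %s\n", peers[i], n ? n : "(unverified)");
    }
    return 0;
}
```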
