DNS caching disabled for 12.10...still
Jordon Bedwell
jordon at envygeeks.com
Mon Oct 8 05:24:00 UTC 2012
On Sun, Oct 7, 2012 at 10:47 PM, Daniel J Blueman <daniel at quora.org> wrote:
> Can you elaborate the specific reasons/mechanisms why without per-user
> caching, dnsmasq is still a security weakness? At least these views
> should be shared upstream so we can work on resolving the issues.
It's a subjective security issue IMO. Pretty flawed in some cases, in
others it sounds like the guy who only pokes the bear while it's in
the cage and if the cage is nowhere to be found then it's game over,
won't even go near it. What I am saying is for the average user it's
a case of why are you letting them on your PC at all if you do not
have a single ounce of trust and absolutely need per-user caching
because you fear they will attempt to poison you. For other
environments it's another situation but those environments are the
rule apparently and not the exception... even though they are the
minority IMO.
More information about the Ubuntu-devel-discuss
mailing list