SRV lookup support (Bugzilla 2217)

Thorsten Glaser t.glaser at tarent.de
Fri Feb 19 02:13:49 AEDT 2021


On Thu, 18 Feb 2021, Mara Sophie Grosch wrote:

> >(after all, they could already send it to an entirely different host)
> >but maybe I'm missing something...
>
> I think if an attacker controls DNS, it's a lost game anyway. Current

It’s still a level of indirection that isn’t traditionally used, and
which makes me a bit nervous, especially considering name resolution
is not just DNS (think /etc/hosts for example).

I’d prefer for this “feature” to be disabled by default and stay that
way.

bye,
//mirabilos
-- 
«MyISAM tables -will- get corrupted eventually. This is a fact of life. »
“mysql is about as much database as ms access” – “MSSQL at least descends
from a database” “it's a rebranded SyBase” “MySQL however was born from a
flatfile and went downhill from there” – “at least jetDB doesn’t claim to
be a database”	(#nosec)    ‣‣‣ Please let MySQL and MariaDB finally die!


More information about the openssh-unix-dev mailing list