Re: F23 System Wide Change: Default Local DNS Resolver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/02/2015 08:36 PM, Paul Wouters wrote:
> On Tue, 2 Jun 2015, Simo Sorce wrote:
> 
>>> and just because you have a local resolver firefox won't stop it's
>>> behavior
>>
>> It can, w/o a local resolver FF developers will definitely keep caching
>> on their own, with a decent local resolver they can allow themselves to
>> disable their own and go back to rely on the system one, perhaps.
> 
> I don't think so. Firefox does that to avoid DNS rebinding attacks.

It is somewhat questionable whether DNS rebinding vulnerabilities are,
in fact, a problem which should be solved at the client side.  But
Firefox certainly has some caching mechanisms intended to help against
that (but I'm not sure how reliable they are in preventing the issue,
e.g. if you use a web proxy).

-- 
Florian Weimer / Red Hat Product Security
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux