On Tue, Aug 17, 2021 at 08:25:23PM -0400, Viktor Dukhovni wrote:
Sadly, while getdnsapi looks somewhat natural to a Python programmer, it is a rather poor C API
I recognize that this is true; but honestly, if we're trying to make something safe we're not aiming at C programmers in the first place. If you're writing C programs today and you're not checking every single input and output for malicious content, then you're a hazard to everyone and not just your users. The idea that such a problem could be solved by "better resolvers" is just fatuous: all that will do is make better malware. This is not an attempt to dump on C or applications in C or anything like that. It is rather, IMO, to point out that people who are operating the table saw without a blade guard are already undertaking dangerous operations, and insisting on safety googles for "cross-cuts with a finish blade while standing behind the multi-cm thick workpiece" is not really going to help. Best regards, A -- Andrew Sullivan a...@anvilwalrusden.com _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
