On May 22, 2008, at 1:39 PM, Jonathan Chen wrote:
[ ... ]
If this were true, the "view" feature would be broken. I've just tried
this with a client-based ACL, and there doesn't appear to any
cache-leaking across views. Any counter-examples would be welcome.


Well, BIND is up to 28 published security advisories:

  http://www.isc.org/sw/bind/bind-security.php#matrix

...which not only have included cache poisoning (2003-0914), but many of them allowed for arbitrary code execution, often as root.

--
-Chuck

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to