Somewhat afield from the previous discussion; I notice that the present
code doesn't handle FQDNs; this may be correct behavior, or it might be
a omission no one cares about. My assumption (when I had my test
writing hat on) was that it should handle them but consider them
distinct from the corresponding PQDNs to preclude the possibility of
sub-domain naming attacks ("benign_host.domain.com.ha_ha.evil.com.", aka
"benign_host.domain.com").
Is this correct, or should they be precluded (as presently--you can't
write an allow/deny rule with a terminal dot) or is this a bit of
esoterica that nobody else cares about?
-- Markus
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
