The problem here is that other operating systems contain an insecure
default, and the IETF ``solution'' requires every application declare
``make my network safe''.

So let's fix 1 program!!  That'll sure help the world...  What about
the other 10,000 programs that also speak to the network?

What if they are left unmodified?  Who is making it their plan to
fix all 10,000 programs?

The IETF approach is completely misguided.  It is impossible to add
#ifdef + setsockopt to every program.

This may sound evil, but I think the solution to this impasse is:

(1) Ignore IETF recommendations.
(2) On systems that are misconfigured, don't fix the program.
(3) Eventually someone will understand the damage is systematic,
    and change the system defaults to "secure by default". 

Let's put the risks of network misconfiguration back where they belong.

It is a system default mistake.  It can also be a network configuration
error, but only for people who choose the unsafe default.

It is not something to hoist on 10,000+ programs written by people
who copy their socket code from elsewhere.
