On Fri, Sep 02, 2016 at 05:49:22PM +0100, Stuart Henderson wrote: > On 2016/09/02 10:37, Florian Obser wrote: > > To stop naddy from pestering me about this at every hackathon (rightly > > so!), let's base the timeout on the prefixes pltime. ;) > > Just a thought, are we going to need to cap this to the RDNSS time too when > we start caring about that? >
I will not parse the DNS options in the kernel. See CVE-2014-3954 ;) I imagine when the time comes that we care we have the router advertisement parsing in userland and solicitations will again be send from userland, too. -- I'm not entirely sure you are real.
