40 lines
1.4 KiB
Plaintext
(from http://cr.yp.to/dnscache/ad/security.html)
Security features:

- dnscache runs as a dedicated non-root uid inside a chroot jail,
  so it can't touch the rest of the machine.

- tinydns runs as another dedicated non-root uid inside its own
  chroot jail.

- pickdns runs as another dedicated non-root uid inside its own
  chroot jail.

- walldns runs as another dedicated non-root uid inside its own
  chroot jail.

- dnscache discards DNS queries from outside a specified list of
  IP addresses.

- dnscache and the dns library use a new query ID and a new UDP
  port for each query packet. They discard DNS responses from any IP
  address other than the one that the corresponding query was just
  sent to.

- dnscache uses a cryptographic generator to select unpredictable
  port numbers and IDs.

- dnscache is immune to cache poisoning.

- tinydns, pickdns, and walldns never cache information. They do
  not support recursion.

Security metafeatures:

- Security was, and is, one of the primary motivations for the
  development of DNScache. Every step of the design and implementation
  has been carefully evaluated from a security perspective.

- The DNScache package has been structured to minimize the complexity
  of security-critical code. The package is modularized for easy
  review.

- Bug-prone coding practices and libraries have been systematically
  identified and rejected.

Beware, however, that the DNS infrastructure is inherently vulnerable
to forgery.
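The per-query ID, per-query UDP port and source-address check described above, modelled as an added Python example (not dnscache's own code, which is written in C; the Resolver class, the Query/Response records and the 1024-65535 ephemeral port range are assumptions of this illustration):

```python
import secrets
from dataclasses import dataclass

# Constructed model of the quoted rule: every outgoing query gets a fresh
# unpredictable 16-bit ID and a fresh unpredictable UDP source port, and a
# response is accepted only if its ID, destination port and source IP all
# match an outstanding query. Simplified illustration, not dnscache itself.

@dataclass(frozen=True)
class Query:
    qid: int       # 16-bit DNS transaction ID
    sport: int     # UDP source port the query left from
    server: str    # IP address the query was sent to
    name: str      # question that was asked

@dataclass(frozen=True)
class Response:
    qid: int       # transaction ID carried by the reply
    dport: int     # UDP port the reply arrived on
    src: str       # IP address the reply came from
    answer: str    # payload, kept opaque here

class Resolver:
    PORT_LO, PORT_HI = 1024, 65535   # assumed ephemeral port range

    def __init__(self):
        self.pending = {}            # (qid, sport) -> Query

    def send_query(self, name, server):
        # CSPRNG-derived ID and port per packet; retry on the rare collision
        while True:
            qid = secrets.randbelow(1 << 16)
            sport = self.PORT_LO + secrets.randbelow(self.PORT_HI - self.PORT_LO + 1)
            if (qid, sport) not in self.pending:
                break
        q = Query(qid, sport, server, name)
        self.pending[(qid, sport)] = q
        return q

    def receive(self, r):
        """Return the accepted answer, or None if the packet is discarded."""
        q = self.pending.get((r.qid, r.dport))
        if q is None or q.server != r.src:
            return None              # unknown ID/port or wrong source: discard
        del self.pending[(r.qid, r.dport)]   # one answer per query; replays drop
        return r.answer

def blind_match_probability(port_range=Resolver.PORT_HI - Resolver.PORT_LO + 1):
    # chance a single packet sent without seeing the query matches ID and port
    return 1.0 / ((1 << 16) * port_range)
```

The ID-only check gives 1 in 65536; adding the unpredictable port multiplies the space by the port range, which is the quantity `blind_match_probability` reports.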