diff options
| author |   Daniel Black <dragonheart@gentoo.org> | 2009-02-15 02:14:27 +0000 |
|---|---|---|
| committer | Daniel Black <dragonheart@gentoo.org> | 2009-02-15 02:14:27 +0000 |
| commit | 100e419b8fa3e9c52c9af74ed385fa11ca448e82 (patch) | |
| tree | 0996c285b8f502b90d048112cebb25c95690bffd /net-libs/adns/files | |
| parent | Had a bug in the first edition of the patch, roll out a new revision instead. (diff) | |
| download | gentoo-2-100e419b8fa3e9c52c9af74ed385fa11ca448e82.tar.gz gentoo-2-100e419b8fa3e9c52c9af74ed385fa11ca448e82.tar.bz2 gentoo-2-100e419b8fa3e9c52c9af74ed385fa11ca448e82.zip | |
added warning thanks to Robert Buchholz bug #238119.
(Portage version: 2.2_rc23/cvs/Linux x86_64)
Diffstat (limited to 'net-libs/adns/files')
| -rw-r--r-- | net-libs/adns/files/README.security | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/net-libs/adns/files/README.security b/net-libs/adns/files/README.security new file mode 100644 index 000000000000..c09f544f3f99 --- /dev/null +++ b/net-libs/adns/files/README.security @@ -0,0 +1,11 @@ +SECURITY AND PERFORMANCE - AN IMPORTANT NOTE + +adns is not a `full-service resolver': it does no caching of responses +at all, and has no defence against bad nameservers or fake packets +which appear to come from your real nameservers. It relies on the +full-service resolvers listed in resolv.conf to handle these tasks. + +For secure and reasonable operation you MUST run a full-service +nameserver on the same system as your adns applications, or on the +same local, fully trusted network. You MUST only list such +nameservers in the adns configuration (eg resolv.conf). |