Hmm, it seems that we were the only ones that had RES_NOCHECKNAME enabled. Everyone else uses check-names by default. So I am inclined to leave it as is. christos > On Apr 30, 2021, at 5:33 PM, Christos Zoulas <christos%zoulas.com@localhost> wrote: > > Signed PGP part > I guess I will undo it, because as I mentioned in a separate mail it causes other problems. > > christos > >> On Apr 30, 2021, at 5:18 PM, Robert Elz <kre%munnari.OZ.AU@localhost> wrote: >> >> Date: Fri, 30 Apr 2021 12:07:49 -0400 >> From: "Christos Zoulas" <christos%netbsd.org@localhost> >> Message-ID: <20210430160749.3A4DBFA95%cvs.NetBSD.org@localhost> >> >> | src/include: resolv.h >> | >> | Log Message: >> | Default to check-names for safety. >> >> Please don't do that, check-names applies at the wrong place, and >> is far too big a hammer. Applications which actually depend upon >> names returned (all that ever matters) having (or not having) some >> particular syntax should be verifying that before using it, just like >> any other data received over the network. What is to be valid, and >> what is a problem, varies from application to application. >> >> kre > > > <sanitizer.log>
Attachment:
signature.asc
Description: Message signed with OpenPGP