User: Password:
|
|
Subscribe / Log in / New account

DNSCurve: an alternative to DNSSEC

DNSCurve: an alternative to DNSSEC

Posted Jul 19, 2009 7:10 UTC (Sun) by eupator (guest, #44581)
In reply to: DNSCurve: an alternative to DNSSEC by charlieb
Parent article: DNSCurve: an alternative to DNSSEC

The qmail guarantee was claimed as well, years ago. DJB just didn't pay. His argument was that the exploit can be prevented if rlimit is used to limit the process virtual memory to 4 GB, which he argues should always be the case, and so the bug is not a real security hole.

Never mind that qmail didn't set such a resource limit (and still doesn't), requirement to do so by hand was not documented (and still isn't), and no one generally does so, as you can verify by running 'ulimit -v'.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds