[Bug 3979] udhcpc should filter out malicious hostnames passed in option 0x0c
bugzilla at busybox.net
bugzilla at busybox.net
Thu Apr 17 14:30:50 UTC 2014
https://bugs.busybox.net/show_bug.cgi?id=3979
--- Comment #14 from danny at mellanox.com 2014-04-17 14:30:49 UTC ---
> You should not use option 15 to pass a list of search domains, otherwise you
> can discover
> that tools which are RFC-2132 compliant won't agree to process it.
>
I understand your good intention, but you should not break something, that has
been working for years (correct or incorrect - it was doing his job as
expected).
Ok, now it is "correct", but does not works anymore. Who need such fix?
Did not had any problems with any tools for last 3 years...
Probably, I don't use/know them... Can you point on such tools?
> There are options which are intended to pass lists of search domains. Use
> *them*.
How about old systems, whose dhclient does not know about *those* options?
(upgrade is not an option)
>
> Please attach your /sbin/dhclient-script and tcpdump capture of DHCP reply
> packet which carries the data.
dhclient-script from CentOS 5.5 and 6.4 are attached. Can't provide you with
tcpdump yet, but you already know what is there.
--
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list