diff options
Diffstat (limited to 'net-libs/adns/files/README.security')
| -rw-r--r-- | net-libs/adns/files/README.security | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/net-libs/adns/files/README.security b/net-libs/adns/files/README.security new file mode 100644 index 000000000000..c09f544f3f99 --- /dev/null +++ b/net-libs/adns/files/README.security @@ -0,0 +1,11 @@ +SECURITY AND PERFORMANCE - AN IMPORTANT NOTE + +adns is not a `full-service resolver': it does no caching of responses +at all, and has no defence against bad nameservers or fake packets +which appear to come from your real nameservers. It relies on the +full-service resolvers listed in resolv.conf to handle these tasks. + +For secure and reasonable operation you MUST run a full-service +nameserver on the same system as your adns applications, or on the +same local, fully trusted network. You MUST only list such +nameservers in the adns configuration (eg resolv.conf). |