[rbldnsd] Warning: possible danger of using rbldnsd,
and upcoming data format change
Matthew Sullivan
matthew at sorbs.net
Wed Jun 9 18:00:26 MSD 2004
David Landgren wrote:
> Matthew Sullivan wrote:
>
>> 1/ rbldnsd check for and create a lockfile (similar to the old Serial
>> Port lockfiles) - if it's present and locked (exclusive), rbldnsd
>> would not open/update the zonefiles. If the lockfile was present and
>> locked for exclusive use, then any update program would be made not
>> to update the files.... Of course you could lock the zonefiles
>> themselves for exclusive access and lockout things like rsync.
>
>
> You have traded one problem for another. Now you have to deal with
> stale locks.
>
> The main problem appears to be idi^H^H^Hpeople who attempt to upload
> data files directly into production. Madness! Inter-system file
> transfers should always use store-and-forward techniques, where the
> receiving end can run sanity checks to make sure the file is correct,
> before moving it over into production.
>
> Having an end-of-file marker on the last line of the file is perfect
> for this.
>
> One should always be wary of encumbering an application with
> unnecessary cruft to solve a (non-)problem that should be addressed by
> basic rules of hygiene.
EOF will not help you then have a race condition where the daemon opens
for reading, and something opens for writing...
/ Mat
More information about the rbldnsd
mailing list