Bug#191055: nss cache in mozilla does not expire
mh at glandium.org
Sun Apr 29 13:57:43 UTC 2007
On Sun, Apr 29, 2007 at 02:23:31PM +0200, Fabio Massimo Di Nitto <fabbione at fabbione.net> wrote:
> Mike Hommey wrote:
> > On Mon, Apr 28, 2003 at 10:48:28AM +0200, Fabio Massimo Di Nitto <fabbione at fabbione.net> wrote:
> >> Package: mozilla-browser
> >> Version: 2:1.3-4
> >> Severity: important
> >> Hi all,
> >> the problem is farly simple. open mozilla. access the server.
> >> change the ip/dns entry on server. reaccess the server. mozilla
> >> keeps accessing the old one even after 3/4 days.
> >> The nss cache should expire otherwise please remove the cache
> >> feature because it is extremely annoying that users have to restart
> >> mozilla to be sure they are accessing the correct web site.
> >> Without considering that there might be some security issues involved
> >> in this behaviour since a crafted attack might let users access a
> >> fake server.
> > Were you by any chance using nscd ?
> > Mike
> No, never used nscd.
Okay, I could reproduce half of the problem, but things evolved a few
months after you filed your bug, according to upstream CVS.
They changed their DNS service so that it would only cache DNS entries
for 60 seconds (which you can change if you set the
network.dnsCacheExpiration preference to another value) for 20 entries
max (changeable with network.dnsCacheEntries).
I think this is enough for this bug to be closed. If not, I could set
these 2 preferences to 0 to disable DNS caching.
More information about the pkg-mozilla-maintainers