From owner-freebsd-questions Thu Feb 9 19:33:27 1995 Return-Path: questions-owner Received: (from root@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id TAA28223 for questions-outgoing; Thu, 9 Feb 1995 19:33:27 -0800 Received: from trout.sri.MT.net (trout.sri.MT.net [204.182.243.12]) by freefall.cdrom.com (8.6.9/8.6.6) with ESMTP id TAA28217 for ; Thu, 9 Feb 1995 19:33:18 -0800 Received: (nate@localhost) by trout.sri.MT.net (8.6.8/8.3) id UAA14385; Thu, 9 Feb 1995 20:34:27 -0700 Date: Thu, 9 Feb 1995 20:34:27 -0700 From: Nate Williams Message-Id: <199502100334.UAA14385@trout.sri.MT.net> In-Reply-To: "M.C Wong" "Re: DNS selection at user level" (Feb 10, 2:24pm) X-Mailer: Mail User's Shell (7.2.5 10/14/92) To: "M.C Wong" Subject: Re: DNS selection at user level Cc: freebsd-questions@freefall.cdrom.com Sender: questions-owner@FreeBSD.org Precedence: bulk [ User configurable DNS settings ] > > There would be too many ways to completely break security this way. Say > > you have a machine that exports it's file-systems with root access to a > > specific machine. All you need to do is provide a DNS server that you > > setup which responds that your machine is the trusted machine. > > But isn't this spoofing can be guarded against with firewall thing, or it > can't for nfs ? What if the machines are not behind a firewall? And, what if it's inside your local net. Again, there are too many ways that security can be broken this way. Nate