Date: Wed, 21 Jun 2006 14:22:12 -0700 From: John-Mark Gurney <gurney_j@resnet.uoregon.edu> To: John Birrell <jb@what-creek.com> Cc: Luigi Rizzo <rizzo@icir.org>, freebsd-current@freebsd.org, Harti Brandt <harti@freebsd.org> Subject: Re: ~/.hosts patch Message-ID: <20060621212211.GE82074@funkthat.com> In-Reply-To: <20060621073123.GA35319@what-creek.com> References: <4498D108.90907@rogers.com> <20060621053007.GA3320@odin.ac.hmc.edu> <4498DF20.8020803@rogers.com> <1150870137.78122.14.camel@spirit> <20060621082734.Q24109@beagle.kn.op.dlr.de> <20060621063816.GA32889@what-creek.com> <20060621000250.A6468@xorpc.icir.org> <20060621070739.GB35132@what-creek.com> <20060621002036.A6576@xorpc.icir.org> <20060621073123.GA35319@what-creek.com>
next in thread | previous in thread | raw e-mail | index | archive | help
John Birrell wrote this message on Wed, Jun 21, 2006 at 07:31 +0000:
> We need to retain the integrity of a DNS lookup. If there are any work
> arounds required for poor DNS lookups, then let an administrator configure
> them!
As long as we allow libraries to be preloaded on binaries, someone can
override the resolver library, and have their own hooks there... Killing
this feature doesn't make anything more secure for the user...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060621212211.GE82074>