From owner-freebsd-current@FreeBSD.ORG  Wed Jun 21 21:22:19 2006
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@freebsd.org
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 48BDF16A474;
	Wed, 21 Jun 2006 21:22:19 +0000 (UTC)
	(envelope-from jmg@hydrogen.funkthat.com)
Received: from hydrogen.funkthat.com (gate.funkthat.com [69.17.45.168])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7143543D45;
	Wed, 21 Jun 2006 21:22:18 +0000 (GMT)
	(envelope-from jmg@hydrogen.funkthat.com)
Received: from hydrogen.funkthat.com (u6k9eozkn29ucgjl@localhost.funkthat.com
	[127.0.0.1])
	by hydrogen.funkthat.com (8.13.6/8.13.3) with ESMTP id k5LLMFta089753; 
	Wed, 21 Jun 2006 14:22:15 -0700 (PDT)
	(envelope-from jmg@hydrogen.funkthat.com)
Received: (from jmg@localhost)
	by hydrogen.funkthat.com (8.13.6/8.13.3/Submit) id k5LLMCV2089752;
	Wed, 21 Jun 2006 14:22:12 -0700 (PDT) (envelope-from jmg)
Date: Wed, 21 Jun 2006 14:22:12 -0700
From: John-Mark Gurney <gurney_j@resnet.uoregon.edu>
To: John Birrell <jb@what-creek.com>
Message-ID: <20060621212211.GE82074@funkthat.com>
Mail-Followup-To: John Birrell <jb@what-creek.com>,
	Luigi Rizzo <rizzo@icir.org>, freebsd-current@freebsd.org,
	Harti Brandt <harti@freebsd.org>
References: <4498D108.90907@rogers.com> <20060621053007.GA3320@odin.ac.hmc.edu>
	<4498DF20.8020803@rogers.com> <1150870137.78122.14.camel@spirit>
	<20060621082734.Q24109@beagle.kn.op.dlr.de>
	<20060621063816.GA32889@what-creek.com>
	<20060621000250.A6468@xorpc.icir.org>
	<20060621070739.GB35132@what-creek.com>
	<20060621002036.A6576@xorpc.icir.org>
	<20060621073123.GA35319@what-creek.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20060621073123.GA35319@what-creek.com>
User-Agent: Mutt/1.4.2.1i
X-Operating-System: FreeBSD 5.4-RELEASE-p6 i386
X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31  96 7A 22 B3 D8 56 36 F4
X-Files: The truth is out there
X-URL: http://resnet.uoregon.edu/~gurney_j/
X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html
Cc: Luigi Rizzo <rizzo@icir.org>, freebsd-current@freebsd.org,
	Harti Brandt <harti@freebsd.org>
Subject: Re: ~/.hosts patch
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: John-Mark Gurney <gurney_j@resnet.uoregon.edu>
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jun 2006 21:22:19 -0000

John Birrell wrote this message on Wed, Jun 21, 2006 at 07:31 +0000:
> We need to retain the integrity of a DNS lookup. If there are any work
> arounds required for poor DNS lookups, then let an administrator configure
> them!

As long as we allow libraries to be preloaded on binaries, someone can
override the resolver library, and have their own hooks there...  Killing
this feature doesn't make anything more secure for the user...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."