Subject: Re: re-reading /etc/resolv.conf on change
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: mouss <usebsd@free.fr>
List: tech-userlevel
Date: 01/01/2004 22:07:51

Manuel Bouyer wrote:

> On Thu, Jan 01, 2004 at 02:43:50PM -0500, Greg A. Woods wrote:
> 
>>[ On Thursday, January 1, 2004 at 15:51:08 (+0100), Manuel Bouyer wrote: ]
>>
>>>Subject: Re: re-reading /etc/resolv.conf on change
>>>
>>>I thought about adding an environment variable for this as well, to allow
>>>a user to use its own resolv.conf (I'd like to be able to have a different
>>>search than the site-wide one). But it may be better to have env variables
>>>to override parts of resolv.conf. This needs more thought.
>>
>>All of that sounds just about as dangerous as that stupid HOSTALIASES
>>thing that I've ripped out of my own resolver code.
>>
>>If you don't have the rights on some machine to change /etc/resolv.conf
>>then you shouldn't have the right to tell the resolver to use some other
>>configuration, even if it is only rope for your own execution.
> 
> 
> Why ?
> 

I don't see any security issue here. Users can already specify a name 
server to nslookup. They can even write their own resolver.