Re: Proposed new scheme for resolving the system hostname
On Sun, Jun 19, 2005 at 04:16:08PM +0200, Thomas Hood wrote:

> Do you think that I should file a bug against sudo?

I think yes. In case of sudo, the usage of gethostbyname() is governed
by the --with-fqdn option of configure. There are two things to
consider:

- Disabling --with-fqdn might break existing setups where /etc/sudoers
  contains FQDNs, so sudo's NEWS.Debian has to warn about this
- Leaving --with-fqdn enabled might be considered a security risk as it
  allows gaining extra local privileges using DNS spoofing techniques

> Do you think that hostname(1) should deprecate hostname's --fqdn option?

Yes. At the same time we should provide a tool for getting the FQDNs for
all addresses configured on every UP, non-LOOPBACK interface (we can
call it `hostname --list-fqdns`), so scripts operating on FQDNs can
still be written. It just has to be made clear that the output of
`hostname` has nothing to do with the output of `hostname --list-fqdns`.

Gabor
--
---------------------------------------------------------
MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences,
Laboratory of Parallel and Distributed Systems
Address : H-1132 Budapest Victor Hugo u. 18-22. Hungary
Phone/Fax : +36 1 329-78-64 (secretary)
W3 : http://www.lpds.sztaki.hu
---------------------------------------------------------