Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability

To: debian-devel@lists.debian.org
Cc: Hamish Moffatt <hamish@debian.org>
Subject: Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
From: Matt Zimmerman <mdz@debian.org>
Date: Wed, 10 Jan 2001 16:11:26 -0500
Message-id: <[🔎] 20010110161120.B8682@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org, Hamish Moffatt <hamish@debian.org>
In-reply-to: <[🔎] 20010110215529.D22583@silly.cloud.net.au>; from hamish@debian.org on Wed, Jan 10, 2001 at 09:55:29PM +1100
References: <Pine.LNX.4.31.0101081331280.20955-100000@io.88.net> <Pine.LNX.4.31.0101081752230.25739-100000@io.88.net> <20010109110855.A4036@polya> <[🔎] 20010109134141.B44740@aixterm6.urz.uni-heidelberg.de> <[🔎] 20010109092946.J10073@visi.net> <[🔎] 20010110083413.D21279@silly.cloud.net.au> <[🔎] 20010109191949.A8866@alcor.net> <[🔎] 20010110215529.D22583@silly.cloud.net.au>

On Wed, Jan 10, 2001 at 09:55:29PM +1100, Hamish Moffatt wrote:

> On Tue, Jan 09, 2001 at 07:19:53PM -0500, Matt Zimmerman wrote:
> > I assume its purpose is to allow different resolver settings to be used with
> > individual programs.  For instance, perhaps one program should use DNS, while
> > another NIS, and still another only the local hosts file for name resolution.
> > For some programs, setting 'nospoof' will improve security; for others, it will
> > just cause some lookups to fail needlessly.
> 
> How does resolv.conf let you specify that? According to resolv.conf(5),
> resolv.conf is used for DNS only (which is what I always thought).
> You could accomplish the above if you could override /etc/nsswitch.conf
> though.

The environment variable in question lets you specify the location of
host.conf, not resolv.conf.

-- 
 - mdz

Reply to:

References:
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: Christoph Baumann <cbauman1@ix.urz.uni-heidelberg.de>
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: Ben Collins <bcollins@debian.org>
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: Hamish Moffatt <hamish@debian.org>
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: Matt Zimmerman <mdz@debian.org>
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: Hamish Moffatt <hamish@debian.org>

Prev by Date: Re: Proposal: Reorganizing Python for Python 2.0
Next by Date: ITP: GPL Flash
Previous by thread: Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
Next by thread: NMU of sitecopy ?
Index(es):
- Date
- Thread