[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability

On Wed, Jan 10, 2001 at 09:55:29PM +1100, Hamish Moffatt wrote:

> On Tue, Jan 09, 2001 at 07:19:53PM -0500, Matt Zimmerman wrote:
> > I assume its purpose is to allow different resolver settings to be used with
> > individual programs.  For instance, perhaps one program should use DNS, while
> > another NIS, and still another only the local hosts file for name resolution.
> > For some programs, setting 'nospoof' will improve security; for others, it will
> > just cause some lookups to fail needlessly.
> How does resolv.conf let you specify that? According to resolv.conf(5),
> resolv.conf is used for DNS only (which is what I always thought).
> You could accomplish the above if you could override /etc/nsswitch.conf
> though.

The environment variable in question lets you specify the location of
host.conf, not resolv.conf.

 - mdz

Reply to: