This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Discussion: NSS - Changing DEFAULT_CONFIG for hosts lookups


Dear list,

This post aims to discuss the contemplated change of the default service order for hosts lookups in the absence of nsswitch.conf.
It relates to https://sourceware.org/bugzilla/show_bug.cgi?id=25156, which initially raised the issue.
The final goal is to find consensus: to change or not to change the default?

The current default, as defined in
https://sourceware.org/git/?p=glibc.git;a=blob;f=nss/hosts-lookup.c;hb=HEAD
is:
#define DEFAULT_CONFIG "dns [!UNAVAIL=return] files"
The proposed new default would be
#define DEFAULT_CONFIG "files dns"
... effectively making the /etc/hosts file the primary source for hosts lookups, until overridden by an nsswitch.conf file.

I could only come up with pro-arguments so far, which I'm listing below.
I'm seeking advice regarding the proposed change, and asking for any contra-arguments I might have overlooked.

Arguments *for* changing the default to "files dns":
- Basically all distributions ship with a "hosts: files dns" default in nsswitch.conf nowadays
- The current glibc nsswitch.conf example proposes "files dns", too
  ( https://sourceware.org/git/?p=glibc.git;a=blob;f=nss/nsswitch.conf#l60 )
- It would be more user-friendly if the "wide-spread default" matched the default in code;
  behaviour would be more predictable and match expectations (think e.g. of ssh[d]_config defaults)
- It's de facto standard OS behaviour to prefer /etc/hosts entries over DNS, even on Windows
- "files dns" is mentioned as example/default in some BSDs' manpages [1,2]
- musl, as an alternative libc, has no nsswitch.conf and hardcodes the "files dns" order [3]
- Rogue APs/HotSpots could offer malicious DNS responses for "localhost", hypothetically leading to infoleaks?

Arguments *against* changing the default to "files dns":
Or the other way round: arguments for preferring "dns" over "files" as the first source:
- https://www.kernel.org/doc/man-pages/ , serving as many distros' manpage source, "still" shows the old default
- ...
- ?


Thanks in advance for sharing your thoughts.
I'd also like to thank Carlos and DJ for guiding me here.

/Jan

--
[1] https://netbsd.gw.com/cgi-bin/man-cgi?nsswitch.conf+5+NetBSD-1.4.3
[2] https://www.freebsd.org/cgi/man.cgi?query=nsswitch.conf&sektion=5&n=1
[3] https://github.com/runtimejs/musl-libc/blob/master/src/network/getaddrinfo.c#L153
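An added example (not part of Jan's post or of glibc) that simulates how NSS walks a service line, using the documented status/action semantics (SUCCESS returns, everything else continues, `[!STATUS=action]` negates). It shows why the two DEFAULT_CONFIG values behave so differently for "localhost": the backends, the /etc/hosts content and the 203.0.113.5 answer are constructed stand-ins.

```python
import re
from typing import Callable, Dict, List, Tuple

STATUSES = ("SUCCESS", "NOTFOUND", "UNAVAIL", "TRYAGAIN")
# nsswitch.conf(5) defaults: only SUCCESS stops the chain, every other status continues
DEFAULT_ACTIONS = {"SUCCESS": "return", "NOTFOUND": "continue",
                   "UNAVAIL": "continue", "TRYAGAIN": "continue"}

Backend = Callable[[str], Tuple[str, str]]  # name -> (status, address or "")

def parse_config(config: str) -> List[Tuple[str, Dict[str, str]]]:
    """Turn 'dns [!UNAVAIL=return] files' into [(service, {status: action}), ...].
    '[!STATUS=action]' applies the action to every status except STATUS.
    The 'merge' action is not modelled and behaves like 'continue' here."""
    services: List[Tuple[str, Dict[str, str]]] = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", config):
        if not tok.startswith("["):
            services.append((tok, dict(DEFAULT_ACTIONS)))
            continue
        if not services:
            raise ValueError("action specifier before any service: " + config)
        actions = services[-1][1]
        for spec in tok[1:-1].split():
            status, action = spec.upper().split("=", 1)
            negate = status.startswith("!")
            for s in STATUSES:
                if (s != status.lstrip("!")) == negate:
                    actions[s] = action.lower()
    return services

def lookup(config: str, name: str, backends: Dict[str, Backend]) -> Tuple[str, str]:
    """Query services in order; stop at the first whose status maps to 'return'."""
    result = ("NOTFOUND", "")
    for service, actions in parse_config(config):
        result = backends[service](name)
        if actions[result[0]] == "return":
            break
    return result

OLD_DEFAULT = "dns [!UNAVAIL=return] files"
NEW_DEFAULT = "files dns"

# Constructed stand-ins for the NSS modules: /etc/hosts maps localhost to loopback,
# while a rogue resolver answers every name with a TEST-NET-3 (RFC 5737) address.
HOSTS_FILE = {"localhost": "127.0.0.1"}
files: Backend = lambda n: ("SUCCESS", HOSTS_FILE[n]) if n in HOSTS_FILE else ("NOTFOUND", "")
dns_rogue: Backend = lambda n: ("SUCCESS", "203.0.113.5")
dns_down: Backend = lambda n: ("UNAVAIL", "")
dns_nxdomain: Backend = lambda n: ("NOTFOUND", "")

if __name__ == "__main__":
    for cfg in (OLD_DEFAULT, NEW_DEFAULT):
        print(cfg, "->", lookup(cfg, "localhost", {"files": files, "dns": dns_rogue}))
```

With the old default, /etc/hosts is consulted only when DNS is unavailable; a NOTFOUND (or a forged SUCCESS) from DNS is final, so the loopback entry for "localhost" is never seen.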

