This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
> > > Date: Mon, 11 Oct 1999 17:26:42 -0700 (PDT) > > Cc: libc-hacker@sourceware.cygnus.com (GNU C Library) > > From: hjl@valinux.com (H.J. Lu) > > > They are off by default. You have to turn them on by hand in > > /etc/resolv.conf or via an environment variable. They are a few > > sites on the Internet which rerquires them. I'd like to be able > > to do > > > > # RES_OPTS=insecure2 foobar > > > > What is the problem with that? Are you suggesting we should check > > > > # rm -rf /dev > > > > now? > > So your proposed patch checks for getuid() == 0? > RES_OPTIONS is called with __secure_getenv so that it is not a problem. However, all those options, including RES_IGNTC, are set/cleared in dig/host/nslookup in bind 8. Right now my patch will only affect root if those options are turned on in /etc/resolv.conf. If anyone can change /etc/resolv.conf on your machine, my patch is the last thing you want to worry about. -- H.J. Lu (hjl@gnu.org)
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |