[Bug 278721] ldns uses nameserver commented out resolv.conf (host, drill)
Date: Fri, 03 May 2024 16:07:30 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278721

            Bug ID: 278721
           Summary: ldns uses nameserver commented out resolv.conf (host, drill)
           Product: Base System
           Version: 13.3-RELEASE
          Hardware: Any
               URL: https://github.com/NLnetLabs/ldns/issues/237
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: grembo@FreeBSD.org
                CC: des@FreeBSD.org, emaste@freebsd.org

Given this innocent /etc/resolv.conf:

    # Generated by resolvconf
    # nameserver 192.168.1.1

    # nameserver 8.8.8.8
    nameserver 127.0.0.1
    options edns0

(the third line needs to be empty)

ldns actually sends requests to google DNS.

Stripped down example:

    cat >/etc/resolv.conf <<EOF
    # g

    # nameserver 8.8.8.8
    EOF
    drill www.google.com
    host www.google.com

(there is no resolver running on localhost)

This problem can lead to information leakage and (which hit me) break our setup, where local_unbound is serving a private zone, but google was contacted instead.

Filed upstream, more details (and suggested solutions) can be found here:
https://github.com/NLnetLabs/ldns/issues/237

CCed des and emaste, as they did the last import of ldns in 13.3

-- 
You are receiving this mail because:
You are the assignee for the bug.
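
One way to audit a host for resolv.conf files of the kind shown in the report, added here as an example (it is not from the bug report or from ldns): the script lists nameserver addresses that appear only in comment lines, which a correct parser ignores but which the report says drill and host ended up querying. The function names are hypothetical, and the comment rule (`#` or `;` in the first column, keyword at the start of the line) is the resolver(5) convention, assumed here.

```shell
#!/bin/sh
# Added example: find nameserver addresses that exist only in comments.

# Addresses a conforming parser uses: keyword "nameserver" at start of line.
active_nameservers() {
    awk '/^nameserver[ \t]+[^ \t]/ { print $2 }' "$1"
}

# Addresses on comment lines of the form "# nameserver ADDR" / "; nameserver ADDR".
commented_nameservers() {
    awk '/^[#;][ \t]*nameserver[ \t]+[^ \t]/ {
             sub(/^[#;][ \t]*nameserver[ \t]+/, ""); print $1
         }' "$1"
}

# Warn about every commented-out address that is not also an active resolver.
# Returns 1 if any such address exists, 0 otherwise.
check_resolv_conf() {
    active=$(active_nameservers "$1")
    rc=0
    for ns in $(commented_nameservers "$1"); do
        if ! printf '%s\n' "$active" | grep -qxF -- "$ns"; then
            echo "WARN: $1: commented-out nameserver $ns is not an active resolver"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the resolv.conf from the report, written to a temp file.
sample=$(mktemp)
cat >"$sample" <<'EOF'
# Generated by resolvconf
# nameserver 192.168.1.1

# nameserver 8.8.8.8
nameserver 127.0.0.1
options edns0
EOF
check_resolv_conf "$sample" || echo "remove the commented-out entries above"
rm -f "$sample"
```

Run `check_resolv_conf /etc/resolv.conf` on hosts that ship the affected ldns; deleting the flagged comment lines removes the addresses from the file entirely.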