Date: Tue, 29 Aug 2006 11:01:48 +0200 From: Jeremie Le Hen <jeremie@le-hen.org> To: "Simon L. Nielsen" <simon@FreeBSD.org> Cc: Julian Elischer <julian@elischer.org>, FreeBSD Net <net@freebsd.org> Subject: Re: [fbsd] Re: possible patch for implementing split DNS Message-ID: <20060829090148.GD15761@obiwan.tataz.chchile.org> In-Reply-To: <20060829085001.GB982@zaphod.nitro.dk> References: <44EF6E18.6090905@elischer.org> <44EF74CD.6080500@elischer.org> <20060829085001.GB982@zaphod.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Simon,
On Tue, Aug 29, 2006 at 10:50:02AM +0200, Simon L. Nielsen wrote:
> On 2006.08.25 15:08:13 -0700, Julian Elischer wrote:
> Since a bunch of people have suggested other solutions I just wanted
> to add me 0.01$CURRENCY, FWIW.
>
> Other than missing update for some manual page (not sure where this
> should go) I don't see a problem adding this patch. "Normal" users
> should be able already get similar functionality already by simply
> preloading a custom patched libc, so I don't see a problem supporting
> this.
I agree with this statement. If users really want to, they can
compile their own libc. However, nectar@ has added the following
comment in nsdispatch.c:
% #if defined(_NSS_DEBUG) && defined(_NSS_SHOOT_FOOT)
% /* NOTE WELL: THIS IS A SECURITY HOLE. This must only be built
% * for debugging purposes and MUST NEVER be used in production.
% */
% path = getenv("NSSWITCH_CONF");
% if (path == NULL)
% #endif
% path = _PATH_NS_CONF;
We should remove this #if clause because of your argument. I'm not sure
it is worth documenting it however.
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060829090148.GD15761>