From owner-freebsd-net@FreeBSD.ORG Tue Aug 29 09:01:42 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E417916A4E8; Tue, 29 Aug 2006 09:01:42 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp5-g19.free.fr (smtp5-g19.free.fr [212.27.42.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9339B43D86; Tue, 29 Aug 2006 09:01:23 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (tataz.chchile.org [82.233.239.98]) by smtp5-g19.free.fr (Postfix) with ESMTP id D0CDB275A4; Tue, 29 Aug 2006 11:01:18 +0200 (CEST) Received: from obiwan.tataz.chchile.org (unknown [192.168.1.25]) by tatooine.tataz.chchile.org (Postfix) with ESMTP id AB7509C4C4; Tue, 29 Aug 2006 09:01:48 +0000 (UTC) Received: by obiwan.tataz.chchile.org (Postfix, from userid 1000) id 8FD00408C; Tue, 29 Aug 2006 11:01:48 +0200 (CEST) Date: Tue, 29 Aug 2006 11:01:48 +0200 From: Jeremie Le Hen To: "Simon L. Nielsen" Message-ID: <20060829090148.GD15761@obiwan.tataz.chchile.org> References: <44EF6E18.6090905@elischer.org> <44EF74CD.6080500@elischer.org> <20060829085001.GB982@zaphod.nitro.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060829085001.GB982@zaphod.nitro.dk> User-Agent: Mutt/1.5.12-2006-07-14 Cc: Julian Elischer , FreeBSD Net Subject: Re: [fbsd] Re: possible patch for implementing split DNS X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Aug 2006 09:01:43 -0000 Hi Simon, On Tue, Aug 29, 2006 at 10:50:02AM +0200, Simon L. Nielsen wrote: > On 2006.08.25 15:08:13 -0700, Julian Elischer wrote: > Since a bunch of people have suggested other solutions I just wanted > to add me 0.01$CURRENCY, FWIW. > > Other than missing update for some manual page (not sure where this > should go) I don't see a problem adding this patch. "Normal" users > should be able already get similar functionality already by simply > preloading a custom patched libc, so I don't see a problem supporting > this. I agree with this statement. If users really want to, they can compile their own libc. However, nectar@ has added the following comment in nsdispatch.c: % #if defined(_NSS_DEBUG) && defined(_NSS_SHOOT_FOOT) % /* NOTE WELL: THIS IS A SECURITY HOLE. This must only be built % * for debugging purposes and MUST NEVER be used in production. % */ % path = getenv("NSSWITCH_CONF"); % if (path == NULL) % #endif % path = _PATH_NS_CONF; We should remove this #if clause because of your argument. I'm not sure it is worth documenting it however. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >