From owner-freebsd-questions  Thu Feb  9 19:33:27 1995
Return-Path: questions-owner
Received: (from root@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id TAA28223 for questions-outgoing; Thu, 9 Feb 1995 19:33:27 -0800
Received: from trout.sri.MT.net (trout.sri.MT.net [204.182.243.12]) by freefall.cdrom.com (8.6.9/8.6.6) with ESMTP id TAA28217 for <freebsd-questions@freefall.cdrom.com>; Thu, 9 Feb 1995 19:33:18 -0800
Received: (nate@localhost) by trout.sri.MT.net (8.6.8/8.3) id UAA14385; Thu, 9 Feb 1995 20:34:27 -0700
Date: Thu, 9 Feb 1995 20:34:27 -0700
From: Nate Williams <nate@trout.sri.MT.net>
Message-Id: <199502100334.UAA14385@trout.sri.MT.net>
In-Reply-To: "M.C Wong" <mcw@hpato.aus.hp.com>
       "Re: DNS selection at user level" (Feb 10,  2:24pm)
X-Mailer: Mail User's Shell (7.2.5 10/14/92)
To: "M.C Wong" <mcw@hpato.aus.hp.com>
Subject: Re: DNS selection at user level
Cc: freebsd-questions@freefall.cdrom.com
Sender: questions-owner@FreeBSD.org
Precedence: bulk

[ User configurable DNS settings ]

> > There would be too many ways to completely break security this way.  Say
> > you have a machine that exports it's file-systems with root access to a
> > specific machine.  All you need to do is provide a DNS server that you
> > setup which responds that your machine is the trusted machine.
> 
> But isn't this spoofing can be guarded against with firewall thing, or it
> can't for nfs ?

What if the machines are not behind a firewall?  And, what if it's inside
your local net.  Again, there are too many ways that security can be broken
this way.


Nate