On 9/29/20 8:29 AM, stan via users wrote:
This is not the reality I live in though. New-style high level
programming languages tend to avoid being just a wrapper around C
APIs. And thus they implement minimal DNS clients themselves,
ignoring the LLMNR, mDNS and so on.
Not just for DNS. For SMTP, HTTP, etc.
This is kind of a silly statement. There isn't a standard library for
smtp and http clients although there are libraries like libcurl.
The modern way of coding apps is minimal marginally-compliant and
secure built-in network client (so things sort of work on the dev
system and in CI/CD unit tests), with the OS interposing a
full-featured protocol proxy in “production” deployments.
For me, the implication of that is that I am no longer in control of
DNS, etc. If some program has hard coded DNS servers, they bypass
everything and just ignore system settings. Am I understanding
correctly?
Just because they implement a DNS client doesn't mean they ignore the
system settings or have hard-coded servers.
In particular, I'm thinking about firefox, since as part of that thread
it emerged that browsers are including their own DNS clients with
things like DOH and DOT. Before I start knot-resolver, firefox cannot
reach the web. Is that an indication that it does, in fact, use my
DNS resolver?
DOT doesn't bypass your DNS servers and Firefox has DOH disabled by
default in Fedora.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
