On Wed, 30 Apr 2014, Robert Marcano wrote:
What about domain and search lines? If NetworkManager will always use 127.0.0.1, it should still modify resolv.conf with the domain name received from DHCP
That's actually not always correct from a security point of view. If you set your system do have domain "nohats.ca", and you "ssh bofh" and then some DHCP changes the domain/search list, you might not be going where you think you are going. IMHO, DHCP should never touch the domain or search list _unless_ you are connecting to a trusted network - where trusted for practical reasons is defined as "you plug in a wire or use a wifi WPA secret to connect". No open wifi should ever modify your search list. If it does that now, it is a security bug. Paul -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
