documentation and programming follows resolvconf
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openresolv (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
If one has
dns-nameservers 192.168.1.2
dns-search localdomain
in their /etc/network/
cat /etc/resolvconf
"
# Configuration for resolvconf(8)
# See resolvconf.conf(5) for details
resolv_
# If you run a local name server, you should uncomment the below line and
# configure your subscribers configuration files below.
#name_servers=
"
cat /etc/NetworkMan
"
[main]
plugins=
[keyfile]
unmanaged-
[ifupdown]
managed=false
"
cat /etc/network/
"
auto lo
iface lo inet loopback
allow-auto eth1 eth2
allow-hotplug eth2 eth1
iface eth1 inet static
address 10.253.253.2
netmask 255.255.255.0
broadcast 10.253.253.255
iface eth2 inet static
address 192.168.1.83
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.2
dns-search localdomain
..
you see,
dns-nameservers 192.168.1.2
dns-search localdomain
is meant to work with the resolvconf package.
nowhere does it these two stanzas are mentioned in the openresolv manual
these two stanzas are meant to be used by the resolvconf package (resolvconf is not my system)
your if-up.d/
"
printf "$conf" | /sbin/resolvconf -a "$IFACE.$ADDRFAM"
"
the -a paramater to resolvconf is what is parsing this..
..However.. I tried the interfaces file without these two stanzas, and instead tried to use
name_servers=
, then applied /etc/networking restart ..
Does not work.. but if I apply manually "openresolv -u", /etc/resolvconf
I find using the two stanzas in /etc/network/
I hope you can take a look at this soon so I can post this/(or to later to revise) solution on having NetworkManager.
-- I also believe this may a security vulnerability.. If a program can operate in a way outside the context of it's documentation, then I believe malicious commands can be placed outside of its expected configuration..
ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: openresolv 3.4.0-1
ProcVersionSign
Uname: Linux 3.0.0-12-
ApportVersion: 1.23-0ubuntu4
Architecture: i386
Date: Sat Nov 26 19:27:33 2011
Dependencies:
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release i386 (20111012)
PackageArchitec
SourcePackage: openresolv
UpgradeStatus: No upgrade log present (probably fresh install)
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.