[Pkg-utopia-maintainers] Bug#717158: Bug#717158: [Secure-testing-team] Bug#717158: network-manager: ignores settings from dhclient.conf and requests insecure properties
Michael Biebl
biebl at debian.org
Wed Jul 17 19:55:22 UTC 2013
Am 17.07.2013 21:15, schrieb Florian Weimer:
> * Christoph Anton Mitterer:
>
>> NM aparently thinks it's smarter and ignores any settings from
>> dhclient.conf. This leads to security problems, if one
>> e.g. intentionally told dhcp to ignore properties like the
>> dns-search path, which may be used by a hostile dhcp server to trick
>> you into wrong domains.
>
> dhclient.conf only controls which options are requested from the
> server, the client will process unsolicited options anyway.
> Therefore, changing dhclient.conf adds zero additional security.
Fwiw, I had already removed the security tag
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20130717/62f4a9d7/attachment.sig>
More information about the Pkg-utopia-maintainers
mailing list