Subject: Re: per-process socket security settings
To: None <firstname.lastname@example.org>
From: Darren Reed <email@example.com>
Date: 03/08/2001 19:02:14
In some email I received from firstname.lastname@example.org, sie wrote:
> >> you right. i will need some trick to allow DNS lookups to go out
> >> without ipsec...
> >maybe libresolv could explicity check and reset it if it's not enabled
> >via resolv.conf ?
> yup, but if there's someone who would like to use IPsec'ed DNS
> lookup... an option to /etc/resolv.conf may be necessary.
libresolv already has extensive support for disabling and enabling
options via environment variables, so I can't see why this would be
too hard to manage.