Subject: Re: per-process socket security settings
To: None <>
From: Darren Reed <>
List: tech-net
Date: 03/08/2001 19:02:14
In some email I received from, sie wrote:
> >> 	you right.  i will need some trick to allow DNS lookups to go out
> >> 	without ipsec...
> >maybe libresolv could explicity check and reset it if it's not enabled
> >via resolv.conf ?
> 	yup, but if there's someone who would like to use IPsec'ed DNS
> 	lookup...  an option to /etc/resolv.conf may be necessary.

libresolv already has extensive support for disabling and enabling
options via environment variables, so I can't see why this would be
too hard to manage.