[systemd-devel] systemd-resolved, multi-home DNS resolution, VPNs, and privacy
Tom Gundersen
teg at jklm.no
Thu Aug 28 14:29:11 PDT 2014
On Thu, Aug 28, 2014 at 10:08 PM, Josh Triplett <josh at joshtriplett.org> wrote:
> The documentation for systemd-resolved says it sends DNS queries on all
> interfaces. That seems like a bug for privacy and security reasons: I
> don't necessarily want a query for foo.internalhost.com going anywhere
> other than my VPN for internalhost.com, and if I run a VPN for privacy
> purposes then I don't want *anything* other than the VPN itself to send
> traffic over a non-VPN interface. Any way we could fix that while
> retaining the "works out of the box" behavior?
Hi Josh,
The idea is to make it possible to lock this down further. I believe
we still lack a few bits before we have everything, but the general
idea is outlined here:
<http://lists.freedesktop.org/archives/systemd-devel/2014-August/021960.html>,
which I think fits with what you are after.
Cheers,
Tom
More information about the systemd-devel
mailing list