[Bug 225668] 'su' command reads /etc/hosts and calls name resolution erroneously
bugzilla-noreply at freebsd.org
Sun Feb 4 21:01:35 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225668
Bug ID: 225668
Summary: 'su' command reads /etc/hosts and calls name resolution erroneously
Product: Base System
Version: 11.1-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: freebsd-bugs at FreeBSD.org
Reporter: feh at fehcom.de
Created attachment 190321
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=190321&action=edit
My /etc/hosts file + /etc/resolv.conf + capture of the name lookup following
the 'su' command
Hi,
Upon calling 'su', su does the following:
- it reads /etc/hosts,
- it misinterprets an entry here with a colon as token in the first column,
- it uses a DNS stub resolver to forward this crippled name for unqualified
name resolution.
Given this behaviour, 'su' leaks information via DNS.
After forwarding the information to a DNS cache server, the initial call of
'su' waits for a time-out (about 500 msec). Usually, the cache server returns
NXDOMAIN following its cache; 'su' seems to work faster on the following calls.
Attached you will find documentation of this behaviour.
Regards.
--eh.
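
A check an administrator could run over /etc/hosts in light of the report above. This is an added example, not part of the original bug report; it assumes the entries worth reviewing are first-column tokens that do not parse as IP address literals, and the sample file is constructed, not the reporter's attachment.

```python
import ipaddress

# Constructed sample input (NOT the reporter's attachment 190321).
SAMPLE_HOSTS = """\
# constructed sample /etc/hosts
::1             localhost
127.0.0.1       localhost
fe80::1%lo0     localhost
2001:db8::g1    broken.example.test
10.0.0.5:       colon.example.test
192.0.2.10      ok.example.test   # trailing comment
"""

def classify_token(token):
    """Return 'ipv4', 'ipv6' or 'invalid' for a first-column token."""
    addr, sep, zone = token.partition("%")  # split off an IPv6 zone id (%lo0)
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"
    # A zone id is only meaningful on IPv6 and must not be empty.
    if sep and (ip.version != 6 or not zone):
        return "invalid"
    return "ipv%d" % ip.version

def audit_hosts(text):
    """List (line number, token, has_colon) for first-column tokens that are
    not IP literals. Assumption: such a token may be handled as a host name
    by a resolver instead of as an address."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        token = line.split()[0]
        if classify_token(token) == "invalid":
            findings.append((lineno, token, ":" in token))
    return findings

if __name__ == "__main__":
    import sys
    # Pass a path (e.g. /etc/hosts) to audit a real file; default is the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_HOSTS
    for lineno, token, has_colon in audit_hosts(text):
        note = " (contains a colon)" if has_colon else ""
        print("line %d: %r is not an IP literal%s" % (lineno, token, note))
```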