[Firewall] Possible bug in environment script

Philip A. Prindeville philipp_subx at redfish-solutions.com
Mon Mar 9 07:31:07 CET 2009


Any chance of making this:

resolvehost()
{
  result="$(gethostbyname "$1" "ns.dyndns.org")"

  if [ -z "$result" ]; then
    result="$(gethostbyname "$1")"
  fi

  echo "$result"
}



be conditional? If you're not using dyndns, then that's a lot of useless
lookups for nothing.

It's also a potential security hole, since you're revealing who you look
up to a 3rd party which you might not have any relationship with.

-Philip




More information about the Firewall mailing list