Bug#876962: systemd: Default /etc/resolv.conf leak DNS lookups to Google
pere at hungry.com
Wed Sep 27 08:25:18 BST 2017
By default, the systemd-resolved service in systemd will insert Google
controlled DNS servers in /etc/resolv.conf (184.108.40.206, 220.127.116.11,
2001:4860:4860::8888,2001:4860:4860::8844) . The effect is that all DNS
lookups are reported to Google, providing a rather nasty information
leak to Google by default.
Please change this to not leak information to Google by default.
The Google IP addresses are hardcoded into the binaries, as far as I can
tell, but can be overrided using the FallbackDNS value in
% strings /lib/systemd/systemd-resolved | grep 8.8.8
18.104.22.168 22.214.171.124 2001:4860:4860::8888 2001:4860:4860::8844
More information about the Pkg-systemd-maintainers