Bug#876962: systemd: Default /etc/resolv.conf leak DNS lookups to Google
Ansgar Burchardt
ansgar at debian.org
Wed Sep 27 09:08:50 BST 2017
Control: unarchive 761658
Control: forcemerge 761658 -1
Petter Reinholdtsen writes:
> By default, the systemd-resolved service in systemd will insert Google
> controlled DNS servers in /etc/resolv.conf (8.8.8.8, 8.8.4.4,
> 2001:4860:4860::8888,2001:4860:4860::8844) . The effect is that all DNS
> lookups are reported to Google, providing a rather nasty information
> leak to Google by default.
>
> Please change this to not leak information to Google by default.
>
> The Google IP addresses are hardcoded into the binaries, as far as I can
> tell, but can be overrided using the FallbackDNS value in
> /etc/systemd/resolved.conf.
This is a duplicate of #761658 which was marked "wontfix" (in [1],
though it looks like the tag isn't there).
Ansgar
[1] https://bugs.debian.org/761658#15
More information about the Pkg-systemd-maintainers
mailing list