28 Sep
2020
28 Sep
'20
9:50 a.m.
On Mon, Sep 28, 2020 at 10:28 am, Paul Wouters paul@nohats.ca wrote:
This is better thant it was five years ago. I'm glad some things were at least successfully conveyed in the Brno meeting. However, this still leaks queries meant for the LAN or VPN onto the wide internet and is still a privacy and security concern.
systemd-resolved is designed to prevent DNS leaks that are unfixable with nss-mdns, not create them. DNS requests go *exactly* where you tell systemd-resolved to send them. If you've found some case where requests are not going where they're supposed to, then please report a bug.
Michael