Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

[dns] list entries #266

Closed
rade opened this issue Dec 8, 2014 · 2 comments
Closed

[dns] list entries #266

rade opened this issue Dec 8, 2014 · 2 comments
Labels
[component/dns] feature
Milestone
0.10.0

Comments

@rade
Copy link
Member

rade commented Dec 8, 2014

It would be rather handy - mostly for debugging - to be able to list DNS entries.

AXFR is the way to do that and is supported by a bunch of command line tools, e.g. host -l <domain> and dig <domain> axfr.

The main question we need to answer is to what degree we should control access to this information. Should containers be able to list DNS entries, or just admins? If it's containers, should they be able to list all entries or only entries for domains for which they themselves have an entry?

IMO the answer to the latter is 'all'; containers can already query DNS regardless of whether they themselves have an entry.

There is an obvious information leak here: containers in one app domain can discover the existence of other containers. They can't talk to them, but the names and their existence may constitute sensitive information.
@rade rade added the feature label Dec 8, 2014
@rade rade mentioned this issue Jan 12, 2015
Closed
@awh
Copy link
Contributor

awh commented Mar 19, 2015

Can this be closed now?

@awh
Copy link
Contributor

awh commented Mar 19, 2015

Closed by #465.

@awh awh closed this as completed Mar 19, 2015
@rade rade added this to the 0.10.0 milestone Apr 18, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
[component/dns] feature
Projects
None yet
Milestone
0.10.0
Development

No branches or pull requests
2 participants
@rade @awh