[Tails-dev] Systemd resolved fallback dns

Nachricht löschen

Nachricht beantworten
Autor: Patrick
Datum:  
To: tails-dev
Betreff: [Tails-dev] Systemd resolved fallback dns
I see that Tails disables systemd-resolved.service which makes sense and
is good. Also see that /etc/systemd/timesyncd.conf is commented out also :)

My question is would it help to add 40_disable-fallback-dns.conf to
prevent it if systemd-resolved were ever loaded (by an attacker) since
systemd-resloved uses google dns by default.

config/chroot_local-includes/usr/lib/systemd/resolved.conf.d/40_disable-fallback-dns.conf

```
[Resolve]
FallbackDNS=
```

Also systemd-resolved loads during boot normally, so does Tails disable
it before networking?