udhcpc overwriting /etc/resolv.conf [SOLVED]

[tinypoodle]

udhcpc is overwriting /etc/resolv.conf each time it is called, regardless of file being set to read-only:

Code: [Select]

tc@box:~$ sudo chmod -v a-w /etc/resolv.conf
mode of '/etc/resolv.conf' changed to 0444 (r--r--r--)
tc@box:~$ ls -l /etc/resolv.conf
-r--r--r--    1 root     root           36 Aug  1 14:36 /etc/resolv.conf
tc@box:~$ sudo echo 'nameserver 8.8.8.8' > /etc/resolv.conf
sh: can't create /etc/resolv.conf: Permission denied
I didn't find an explicit option for udhcpc not to request DNS server address or not to "update" /etc/resolv.conf as found in other dhcp client.
How comes an app can overwrite a file chmod'ed to a-w, when even root gets 'permission denied' to write to it?
What are the possible implications on security here?

[curaga]

Common mistake with the echo, root has all the power

tc@box:~$ sudo echo hello > file # the redirection happens in the shell, which is run by user tc

[tinypoodle]

Ah, thank you very much, learned something!  

Of course the core of the issue remains, how to prevent udhcpc from overwriting /etc/resolv.conf

[ixbrian]

Ah, thank you very much, learned something! 

Of course the core of the issue remains, how to prevent udhcpc from overwriting /etc/resolv.conf

I haven't tried it, but maybe you could try changing /sbin/udhcpc in to a shell script wrapper that would recreate /etc/resolv.conf with your custom settings each time after it is called.  Something like this:

Code: [Select]

busybox udhcpc $@
cat > /etc/resolv.conf << EOF
nameserver 0.0.0.0
nameserver 0.0.0.0
EOF


[tinypoodle]

Thanks for the suggestion, I had been thinking about something along the lines of:

Code: [Select]

sudo mv -f /etc/resolv.conf~ /etc/resolv.conf


[tinypoodle]

Proper solution in following thread:

http://forum.tinycorelinux.net/index.php?topic=8019