about summary refs log tree commit diff
path: root/nixos/doc/manual/release-notes/rl-2003.xml
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2003.xml')
-rw-r--r--nixos/doc/manual/release-notes/rl-2003.xml14
1 files changed, 13 insertions, 1 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml
index ab0951e831ce..33eba8002bab 100644
--- a/nixos/doc/manual/release-notes/rl-2003.xml
+++ b/nixos/doc/manual/release-notes/rl-2003.xml
@@ -85,7 +85,19 @@
 
   <itemizedlist>
    <listitem>
-    <para />
+    <para>
+     The <literal>dynamicHosts</literal> option has been removed from the
+     <link linkend="opt-networking.networkmanager.enable">networkd</link>
+     module. Allowing (multiple) regular users to override host entries
+     affecting the whole system opens up a huge attack vector.
+     There seem to be very rare cases where this might be useful.
+     Consider setting system-wide host entries using
+     <link linkend="opt-networking.hosts">networking.hosts</link>, provide
+     them via the DNS server in your network, or use
+     <link linkend="opt-environment.etc">environment.etc</link>
+     to add a file into <literal>/etc/NetworkManager/dnsmasq.d</literal>
+     reconfiguring <literal>hostsdir</literal>.
+    </para>
    </listitem>
   </itemizedlist>
  </section>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-09 20:05:50 +0000