Hello Helmut,
Thank you for the clear feedback.
> So from this point of view, unbound should not enable the resolvconf
> hook by default.
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125411#17)
So the committee is now declining to overrule a maintainer who actually
changed his mind and agreed with me. This is unreal.
Regarding the argument about the server provider:
My provider did not bundle Debian with unbound.
I installed unbound myself.
What they did provide was a DHCP configuration, which I later modified
to use the local resolver. The resulting forwarding behavior was therefore
NOT the consequence of a provider choice, but of Debian’s default
interaction between DHCP-related packages and Unbound. As discussed.
I am very concerned that the privacy and safety risks were not considered
an absolute priority. Silent DNS forwarding is not a minor inconvenience.
Maybe I didn't say it clearly enough:
In some countries, DNS leaks can get people killed. In real life.
I expected this to weigh heavily in the decision.
If not outweigh any other consideration.
But this human factor doesn't seem to even have been considered.
I surely didn't expect any technical consideration to take precedence
over both user safety and privacy.
More broadly, this sets an unfortunate precedent.
Silent behavioral changes between packages erode trust in the system.
In my case, this affected a production server and resulted in a real-life
issue, despite following a simple, well-documented unbound deployment process.
I would bet most affected server admins didn't even notice they were
affected by this silent change. Because it's silent...
Users expect packages to do what their description says, not to be altered
by unrelated packages they (more often than not) didn't consciously choose.
So maybe you should change Unbound's description to be more accurate:
From man "Unbound DNS validating resolver 1.22.0."
To "Unbound DNS validating resolver, except if you use DHCP - 1.22.1."
Or "Unbound sometimes DNS validating resolver 1.22.1."
Or "Unbound DNS validating resolver but plot twist, you have to be quite an
experienced admin and reverse engineer your whole system to make sure
it doesn't stab you in the back and act as a dumb resolver instead - 1.22.1."
I have no further technical arguments. And kind words are hard to find.
It is absurd that I even have to argue about this.
And even more absurd that a committee can be so disconnected...
from reality.
I will stop using Unbound in its current state.
Because I can't trust it anymore.
That's what anti-user decisions do:
make otherwise good software avoided, sometimes even hated.
(makes Debian kinda look like MS products now... what a shame)
I will surely stay alert for similar landmines in the Linux ecosystem.
Hopefully this last attempt will help you see what is obvious to me.
The decision is yours to make.
Thanks for your time.
LRob
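The check an admin would want after reading the thread above is whether the effective Unbound configuration contains a forward-zone for "." at all, since that is exactly the change a resolvconf hook makes and it is invisible in the main unbound.conf. The script below is an added example, not code from this message, from Debian or from the Unbound project: it follows every `include:` / `include-toplevel:` (with glob patterns) from a top-level unbound.conf and reports each forward-zone it finds. The directory tree it audits is constructed sample data that only loosely mimics a Debian layout (paths, file names and the hook-written fragment are assumptions for illustration); relative include patterns are resolved against the including file's directory, which is a simplification of what the daemon does with its `directory:` setting.

```python
"""Audit an Unbound configuration tree for forward-zone clauses.

Added example, not from the bug thread, Debian or the Unbound project.
It reports whether some included file has turned a validating recursive
resolver into a forwarder. build_sample_tree() writes constructed sample
data that only loosely mimics Debian's layout (assumption).
"""
import glob
import os
import re
import tempfile

# include: "/etc/unbound/unbound.conf.d/*.conf"   (glob patterns allowed)
INCLUDE_RE = re.compile(r'^\s*(include|include-toplevel):\s*"?([^"\s]+)"?\s*$')
# A bare clause header such as   forward-zone:   or   server:
CLAUSE_RE = re.compile(r'^\s*([a-z][a-z0-9-]*):\s*$')
# An attribute line such as   forward-addr: 192.0.2.53   or   name: "."
ATTR_RE = re.compile(r'^\s*([a-z][a-z0-9-]*):\s*"?([^"]*?)"?\s*$')


def strip_comment(line):
    # Only a '#' at line start or after whitespace opens a comment; a '#'
    # glued to a value (forward-addr: 192.0.2.53@853#dns.example) is data.
    return re.sub(r"(^|\s)#.*$", r"\1", line).rstrip()


def iter_config_lines(path, seen=None):
    """Yield (file, line) for path and, recursively, every included file.

    Relative include patterns are resolved against the including file's
    directory (simplification; the daemon uses its 'directory:' setting).
    """
    seen = set() if seen is None else seen
    real = os.path.realpath(path)
    if real in seen:  # include loop guard
        return
    seen.add(real)
    with open(real, encoding="utf-8") as fh:
        for raw in fh:
            line = strip_comment(raw)
            if not line.strip():
                continue
            m = INCLUDE_RE.match(line)
            if m:
                pattern = m.group(2)
                if not os.path.isabs(pattern):
                    pattern = os.path.join(os.path.dirname(real), pattern)
                for inc in sorted(glob.glob(pattern)):
                    yield from iter_config_lines(inc, seen)
                continue
            yield real, line


def forward_zones(path):
    """Return every forward-zone clause in the effective configuration."""
    zones, current = [], None
    for src, line in iter_config_lines(path):
        m = CLAUSE_RE.match(line)
        if m:  # a new clause starts; only forward-zone clauses are collected
            current = None
            if m.group(1) == "forward-zone":
                current = {"file": src, "name": None, "upstreams": []}
                zones.append(current)
            continue
        m = ATTR_RE.match(line)
        if current is None or not m:
            continue
        key, value = m.group(1), m.group(2)
        if key == "name":
            current["name"] = value
        elif key in ("forward-addr", "forward-host"):
            current["upstreams"].append(value)
    return zones


def root_forwarders(path):
    """(file, upstreams) for each zone forwarding the root, i.e. the cases
    where Unbound no longer recurses and validates on its own behalf."""
    return [(z["file"], z["upstreams"]) for z in forward_zones(path)
            if z["name"] == "."]


def build_sample_tree(root):
    """Write a constructed config tree under root; return its unbound.conf.

    Constructed sample data: the fragment under var/cache stands in for a
    hook-written file that makes the resolver forward instead of recurse.
    """
    conf_d = os.path.join(root, "etc/unbound/unbound.conf.d")
    cache = os.path.join(root, "var/cache/unbound")
    os.makedirs(conf_d)
    os.makedirs(cache)
    files = {
        os.path.join(root, "etc/unbound/unbound.conf"):
            'include-toplevel: "%s/*.conf"\n' % conf_d,
        os.path.join(conf_d, "root-auto-trust-anchor-file.conf"):
            'server:\n    auto-trust-anchor-file: "%s/root.key"\n' % root,
        os.path.join(conf_d, "resolvconf.conf"):
            'include: "%s/resolvconf_resolvers.conf"\n' % cache,
        os.path.join(cache, "resolvconf_resolvers.conf"):
            'forward-zone:\n    name: "."\n'
            '    forward-addr: 192.0.2.53  # DHCP-supplied, constructed\n'
            '    forward-addr: 192.0.2.54\n',
    }
    for name, body in files.items():
        with open(name, "w", encoding="utf-8") as fh:
            fh.write(body)
    return os.path.join(root, "etc/unbound/unbound.conf")


def audit_sample():
    """Audit the constructed tree; returns the root forwarders it contains."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        return [(os.path.relpath(f, root), ups)
                for f, ups in root_forwarders(build_sample_tree(root))]


if __name__ == "__main__":
    for f, ups in audit_sample():
        print("root forwarded via %s -> %s" % (f, ", ".join(ups)))
```

Against a real installation, point root_forwarders() at /etc/unbound/unbound.conf (or wherever the distribution keeps it) and compare the result with what the running daemon reports through `unbound-control list_forwards`; a non-empty result for "." means queries leave the host for the listed upstreams rather than being resolved and validated locally, which is the silent change this message describes.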