On (Arch) Linux, I configured a VPN, which I do not want to use for all the traffic, but for the software that binds to the associated tun/tap interface. So far, with the help of iproute2's policy routing, this is working well.
The VPN has a nameserver, which I want the software, that taps into the VPN, to use. Where do I put that nameserver's address, without ending up having the other software trying to use it? Which is what I get, putting it into /etc/resolv.conf.
There is no such thing as a process-specific nameserver setting with Linux. The resolv.conf defines the resolvers for your entire system, no matter who is asking.
If you just need a distinct couple of non-public domain names resolved for the VPN-using software, consider running an own name server and setting a specific forwarder server for those domains. Using dnsmasq with the -S /internal.domain.name/<address of internal name server>@tun0 parameter (specified several times if you have more than one domain) set seems like a sensible idea here. Use the newly-created local nameserver (127.0.0.1) as the sole resolver in /etc/resolv.conf and you should be good.