Subject: Re: localhost security hole
To: Alan Barrett <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 06/29/2003 01:04:00
>> Index: gnu/usr.sbin/sendmail/cf/cf/netbsd-msp.mc
>> @@ -2,4 +2,4 @@
>> VERSIONID(`@(#)netbsd-msp.mc $Revision: 1.2 $')
>> +FEATURE(`msp', `[127.0.0.1]')dnl
>Thank you! The above change to netbsd-msp.mc causes the following change to
>netbsd-msp.cf (which is also installed as /etc/mail/submit.cf):
>and, with that change, sendmail on my test system no longer connects to
>10.2.3.4 (which is the IP address of localhost.example.net in my test
that may be, but it's specific to ipv4. what about about ipv6
systems, where 127.0.0.1 is not a local ip address? otoh, the name
localhost maps to an address in both spaces.
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org * "ah! i see you have the internet
email@example.com (Andrew Brown) that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."