Subject: Re: localhost security hole
To: David Porowski <dproski@erols.com>
From: Andrew Brown <atatat@atatdot.net>
List: tech-security
Date: 06/29/2003 02:01:04
>> >5) always use 127.0.0.1 localhost.domain localhost
>>
>> actually, i'd recommend "127.0.0.1 localhost localhost.domain" so that
>> you can look up localhost.domain (using gethostbyname()), but the
>> canonical name for it will be returned as localhost.
>
>Interesting. I guess I have always preferred the FQDN
>as canonical, but that could be useful.
i think that doing as much as possible to keep 127.0.0.1 mapping to
localhost, and localhost to 127.0.0.1 is a good thing. by putting the
localhost.fqdn first, things become more complicated.
--
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org * "ah! i see you have the internet
twofsonet@graffiti.com (Andrew Brown) that goes *ping*!"
werdna@squooshy.com * "information is power -- share the wealth."