From: Martin List-Petersen (martin_at_list-petersen.se)
Date: Mon 18 Aug 2003 - 15:58:44 BST
Citat Paul Sladen <vserver_at_paul.sladen.org>:
> On Sun, 17 Aug 2003, Baptiste SIMON wrote:
> > I'd like to take a look at IPv6 possibilities w/ vservers.
> Probably about time somebody did: :-)
> In other news I remember having a conversation with somebody [off-list?]
> about why their daemon wasn't behaving as expected. It turned out that if
> IPv6 was enabled at compile time, the bind() procedure end up binding to
> all IPv4 *and* IPv6 addresses--rather than just the IPv4 ones that it should
> have been chbind() restricted to.
> So in a sense, the two are actually more interlocked that I thought.
We had a chat about that at Debconf. The thing is that as soon as you enable
ipv6 (in kernel or as module) some daemons (namely Exim, Courier-IMAP/POP3 etc.)
bind * at ipv6 level (also ipv4 ports) and thereby go past the security
That way they bind the port on all ip's (also ipv4 ones).
martin at list-petersen dot se
-- A Tale of Two Cities LITE(tm) -- by Charles Dickens
A man in love with a girl who loves another man who looks just like him has his head chopped off in France because of a mean lady who knits.
Crime and Punishment LITE(tm) -- by Fyodor Dostoevski
A man sends a nasty letter to a pawnbroker, but later feels guilty and apologizes.
The Odyssey LITE(tm) -- by Homer
After working late, a valiant warrior gets lost on his way home.