bittorrent in core? what frontend?
Callum Lerwick
seg at haxxed.com
Sat Dec 17 20:55:09 UTC 2005
> Yes, but you may have to punch holes in the firewall _as well_. I don't
> think selinux security context would override any local firewall rules
> which (as they stand today) lock down all ports that aren't explicitly
> enabled for a service.
Thats why you should be using selinux to prevent unwanted port bindings
system wide. Disable firewalling in this case. Or at least limit it to
ports <1024 or something.
There's still the annoying question of ports the *kernel itself* is
listening to. NFS serving likes to do this, and use random ports just
above 1024 to do it. ;P
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20051217/766d2cd8/attachment.sig>
More information about the fedora-devel-list
mailing list