[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] mountd: Don't do tcp wrapper check when there are no rules




Warren Togami wrote:
> Steve Dickson wrote:
>>> Why do you not see that "deny on reverse DNS failure" is not mutually
>>> exclusive with "enable TCP wrappers"?  This is based upon a
>>> MISINTERPRETATION of how tcp wrappers should behave.  You are hard
>>> coding policy into nfs-utils.
>> Please tell how I check a 'mountd: <hostname>' entry in the
>> /etc/hosts.deny with only an IP address without doing a reverse name
>> lookup?
> 
> I am not saying "without doing a reverse name lookup".  Just remove the
> hardcoded part that makes it fatal.
which means the entry in /etc/hosts.deny will be ignored possibly allowing
access to machine that should be denied. 


steved.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]