[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: NFS tcp wrapper situation



Ric Wheeler wrote:

I don't disagree with the best way to use it as you suggest, but the specific issue is for those who (naively?) put a hostname into the deny file. I don't think that we can assume that users will always do the optimal thing :-)

Exactly the same thing can be said about misconfiguration with iptables.

Why is misconfigured tcp wrappers important enough to second guess, while misconfigured iptables is not?

This is one of the key reasons why this is NOT A BUG, and it does not belong in nfs-utils upstream.

If the concern is for the behavior to match the man page, the man page should have big fat warnings, it NEVER a good idea to use hostnames in /etc/hosts.deny.

Warren Togami
wtogami redhat com


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]