On Thu, 10 Jul 2003, Ivo Timmermans wrote: > Giacomo Mulas wrote: > > On Wed, 9 Jul 2003, Noah Meyerhans wrote: > > > What would the complaints be? It's not like these hosts entries are > > > intrusive in any way. > > > > Here is one: I have a carefully crafted firewalling script based on > > iptables, and I believe I am relatively safe with respect to insecure > > services; then you automagically add IPv6 support on my box and suddenly > > my box is open to the world (iptables only filters IPv4). > > It's not about IPv6 support in the kernel, the matter at hand is if > there should be IPv6 entries in /etc/hosts.
many, many people will have IPv6 support enabled in the kernel *as a module*, and automatic module loading (look at stock kernels...). Putting IPv6 entries in /etc/hosts will cause the module to be loaded, and then you cannot even rmmod it... I think people should be advised to know that if they really don't want IPv6 support to be enabled they must uncomment/add the "alias net-pf-10 off" line in /etc/modutils/aliases. just my 2¢.. bye -- _________________________________________________________________ Giacomo Mulas <[EMAIL PROTECTED]> _________________________________________________________________ OSSERVATORIO ASTRONOMICO DI CAGLIARI Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA) Tel. (OAC): +39 070 71180 248 Fax : +39 070 71180 222 Tel. (UNICA): +39 070 675 4916 _________________________________________________________________ "When the storms are raging around you, stay right where you are" (Freddy Mercury) _________________________________________________________________