On 14 Oct 2004, Victor Norman <[EMAIL PROTECTED]> wrote: > Because our engineers are on umpteen different networks in our organization, > all of which is behind a firewall. I figure that if some hacker is good enough > to get into our organization, he deserves to be able to use distccd as medium > for doing more harm. In any case, once he's in, there are plenty more > well-known ways to get at stuff. And, if he uses distccd to run stuff on > remote machines, then he'll be running that stuff as me (user norman), which > means he can only do what I can do in the network -- which is mostly just mess > up my own stuff. I'm willing to take that risk. > > It certainly is alot easier than putting about 14 --allow statements in each > distccd startup command-line.
The /allow mask doesn't need to correspond to the netmask used by the computers, it just needs to match their IP. So if you really insist on it, a /0 or two /1 masks will match everything. Even my massive employer manages to get by with only about 4 class-A networks. Do you really have more than that? -- Martin
signature.asc
Description: Digital signature
__ distcc mailing list http://distcc.samba.org/ To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/distcc