On Tue, Nov 08, 2005 at 07:59:21PM +0000, Lyn St George wrote: > On Tue, 8 Nov 2005 13:04:50 +0100, Herbert Poetzl wrote: > > >On Tue, Nov 08, 2005 at 10:03:40AM +0100, Evert Meulie wrote: > >> Yup, that was it! :-) > >> > >> Are there any plans to make 127.0.0.1 existant in future versions of > >> vserver? > > > >yes :) > > Does this mean that binding to 127.0.0.1 is currently risky in > some way?
well, binding to, no, as it will be remapped to your first IP, disabling or circumventing this mechanism, might result in lower security ... > The reason I ask is that I had to do this to setup Postfix + amavisd > +spamd inside a vserver. This uses the old style config, and I just > added 127.0.0.1 to the list of IPs to bind to. A netstat within the > vserver shows the correct 2 ports bound to this IP, while a netstat > on the host shows no ports bound. Kernel 2.6.12.4 + vs2.0 + > tools 0.30.208. well, yes this reduces the security, but as long as you 'know' who will bind to 127.0.0.1, it should be moderate ... best, Herbert > >> Regards, > >> Evert > >> > >> > >> Oliver Welter wrote: > >> >Hi, > >> > > >> >I think that this problem is related to the nonexisting 127.0.0.1 > >> >address. If I remeber correctly than nagios try to ping this address and > >> >cant reach it.... > >> >I think that I simply commented this check out in the scripts > >> > > > - > Lyn > > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver
