Date: Wed, 11 Feb 2009 22:32:13 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Miroslav Lachman <000.fbsd@quip.cz> Cc: freebsd-jail@freebsd.org Subject: Re: HEADS UP: multi-IPv4/v6/no-IP jails now in 7-STABLE Message-ID: <20090211223202.W53478@maildrop.int.zabbadoz.net> In-Reply-To: <4992B4E6.1040607@quip.cz> References: <20090207174104.Y93725@maildrop.int.zabbadoz.net> <4992B4E6.1040607@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 11 Feb 2009, Miroslav Lachman wrote: > I have a question about INADDR_ANY in relation to new multi-IP jails. > It was discussed some time ago as PR 84215 [wildcard ip (INADDR_ANY) should > not bind inside a jail] http://www.freebsd.org/cgi/query-pr.cgi?pr=84215 and > it seemed fixed, but manpage for jail is still saying: > > "Similarly, it might be a good idea to add an address alias flag such that > daemons listening on all IPs (INADDR_ANY) will not bind on that address, > which would facilitate building a safe host environment such that host > daemons do not impose on services offered from within jails." > > Can you please clarify the current state? http://lists.freebsd.org/pipermail/freebsd-jail/2008-November/000623.html -- Bjoern A. Zeeb The greatest risk is not taking one.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090211223202.W53478>