Janusz Krzysztofik wrote:
I believe my patch is safe because for the old behaviour (process name) it
only removes error provoking condition on request->server-:sim being set,
introduced by port numbrer patch, and does not change anything else. This
condition is only applicable in case of port number, I think.
On the other hand, I can not imagine a real-life example when
request->server->sin is not set. I think this can only happen using
tcpdmatch, so maybe correcting this utility to set request->server->sin
instead of (or in addition to) patching the library would be more
appropriate.
I can give you a real world example, after all that's how I found it. I
only use hosts.allow and hosts.deny to set the two rules I indicated in
the initial bug report. That is allowing ssh connections from any
location and denying everything else except those connections from
localhost. Support for libwrap was recently added to vino. With the
existing libwrap0 package in testing/unstable connections to vino are
allowed from any location (not just connections from localhost). You
may ask why this is useful. Requiring that the connections come from
localhost is a means of securing vnc connections. In my case the
localost connection is achieved by tunneling vnc connections over ssh.
--
Jamin W. Collins
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
