Am 06.10.2016 um 02:57 schrieb John Darrington: > 127.0.0.1 localhost > ::1 localhost > 127.0.0.1 gambrinus > ::1 gambrinus > > Or am I missing something? > > Hmm. I have never seen it done this way elsewhere, and I really wonder how > some > services will react if they discover that 127.0.0.1 is not called > "localhost"? > Or that one address is known by two names. I think it possible they might > assume a security breach and refuse to work.
This should not be a problem. One could always add several entries for the same IP-address. And "getent hosts 127.0.0.1" will return the first entry in /etc/hosts AFAIKT. I started digging through the man pages, but did not finish. It's a deep maybe recursive mess of documentation where nothing is said about Maybe we need to refer to the gethostbyname(2) and gethostbyname(3) documentation, which both are listed in "man hostname". * gethostbyname(2) [1], uses uname[2], which returns what ever has been set with sethostname (AFAICT) and always returns a single string. * gethostbyname(3) [3] returns a structure capable to hold an name, several aliases, and several addresses. Nevertheless my conclusion is that any program should be able to handle any ip-address and and hostname and must not rely on any assumtion regarding these. (Exept perhaps to assume "localhost" is defined.) [1] http://man7.org/linux/man-pages/man2/gethostname.2.html [2] http://man7.org/linux/man-pages/man2/uname.2.html [3] http://man7.org/linux/man-pages/man3/gethostbyname.3.html [4] http://man7.org/linux/man-pages/man5/hosts.5.html > Kerberos is very fussy about such things. Yes, it is, forward and backward resolution must match. But this can be done with a the hostname's non-loopback IP-address being in front of the loopback entry. ASAIK -- Schönen Gruß Hartmut Goebel Dipl.-Informatiker (univ), CISSP, CSSLP, ISO 27001 Lead Implementer Information Security Management, Security Governance, Secure Software Development Goebel Consult, Landshut http://www.goebel-consult.de Blog: http://www.goebel-consult.de/blog/feiertagsarbeit-bei-teletrust Kolumne: http://www.cissp-gefluester.de/2011-02-fleisige-datensammler-fur-lukratives-geschaeftsmodell-gesucht
smime.p7s
Description: S/MIME Cryptographic Signature
