Am 08.04.2012 14:07, schrieb Frantisek Hanzlik: > Networking code has especial position, as bugs / problems / > misconfigurations in it have strong impact to machine security. > And I simply do not want do any ip6tables and other ipv6 > security configuration - because I do not want use ipv6 > _entirely_
so disable it what is your exactly problem? i maintain 20 public fedora machines and no single one has any ipv6 configuration becuase i disabled it as explained - why can you do not the same? >>> 2) something (NetworkManager or other malware;) can easily activate it. >> >> who told you so? >> how can NetworkManager override a KERNEL parameter? > > Have I after each update supervise whether NM or other stuff > made some unwanted changes - maybe even on kernel commandline? > And after each reboot again? No, I donĀ“t want it. boah you have to disable it once for years as you gad to disable the odule all the years before NM is not in the position to overrdie kernel-parameters kernel-parameters are not changed by updates so again: what is your problem? >> in times where it was a loadable module it was the same >> you had to make sure to disable it AND it was loaded >> most of the time >> > even if I wipe it from disk most services was able reconstruct > it and load again ;) so and what is the difference now? >> the stack is disabled entirely and the memory footprint may >> be the same as unloaded module and code paths on different >> places which has to check this > > Here I eventually agree with You hm you agree about memory fooprint you can disable ipv6 entirely so again: what is your problem?
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
