Re: traceroute as a flooder

From: Stefan `Sec` Zehl (secat_private)
Date: Thu Feb 18 1999 - 14:18:01 PST


    On Tue, Feb 16, 1999 at 03:30:13PM -0800, Curt Sampson wrote:
    > [ traceroute patch ]
    >     1. If uid != 0 (you're not superuser), it checks to see that
    >     the source address it's going to use is an address from a local
    >     interface that's up and not marked loopback.
    
    While I agree with most other changes, I do not see why you should
    forbid loopback if's for the source address. I know several boxes which
    are multi-homed, and use loopback interfaces to respond to these ip's
    like this:
    
    [snip from my /etc/rc.local]
    
    myarp="05:ec:12:de:c0:de"
    if_no=0
    echo -n 'configuring loopbacks:'
    for ip in 10.10.10.1 10.10.10.10 10.10.10.23 10.10.10.42; do
      if_no=`expr $if_no + 1`
      ifconfig lo$if_no $ip netmask 0xffffffff
      arp -s $ip $myarp pub
      echo -n " $ip"
    done
    echo '.'
    
    As I see it, I would not be able to use these IP's for traceroutes
    anymore, which is IMHO a bad thing.
    
    
    CU,
        Sec
    --
    I'll go even further: I now use "security" in connection with:
    hotplates, toasters and chainsaws. 8)      -- <schwarziat_private-luebeck.de>
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:56 PDT