The default configuration doesn't expose sendmail to the publicly
visible IP addres. The daemon it runs only listens for
connections to
the localhost address.
Which is rewritten to the jails (externally visible) address on a
connect()
Yup. I wasn't aware of that strange behavior of jails. That should be
fixed.
Fixed how? Disallow jailed applications to connect to 127.0.0.1,
and thus break most of them, or have them reach 127.0.0.1 on the
host system and weaken the security?
Would it be too much to ask to let the system keep lo0, and give the
first jail lo1, the second jail lo2...? That is, a separate loopback
for each jail?
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
