Peter Memishian wrote: > > Follow on projects will allow us to select what INET connections can be > > made; I do not believe that a carte blanche for "localhost" connections is > > warranted: it allows sending email out through sendmail using the > > submission port. > > I don't follow. How would mail actually be sent off the machine?
Connect to 127.1 port 587 and blast away. > Why > should not having "network privileges" prevent applications from being > used for local purposes? Further, the set of impacted applications will > be essentially random based on the whim of the IPC mechanism used by its > implementors. I think what Casper is arguing is that this doesn't actually matter. Someone who wants to revoke this privilege for some process will need to test the application (and perhaps examine its source code) in order to determine whether doing so is feasible. If that's done right, you'd have no problems. -- James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
