On Dec 10, 2008, at 12:27 PM, Lisa Kachold wrote:
Trust is the basis for all security. The "evil" /etc/hosts file would look like this: # /etc/hosts 127.0.0.1 hostname localhost localhost.localdomain # end A good /etc/hosts file appears: # /etc/hosts 127.0.0.1 localhost localhost.localdomain 192.168.6.66 hostname # end
BTW, an /etc/hosts file like the first one will also mess up an Apache SSL virtual host for hostname.
Given something like this: <VirtualHost *:443> ServerName hostname </VirtualHost>Apache will resolve 'hostname' to 127.0.0.1 when it starts up. When a new SSL request comes in for 192.168.6.66, you've got breakage.
sudo httpd -t -D DUMP_VHOSTSwill let you see how Apache has parsed your virtual hosts, and you would be able to see an SSL site reported as 127.0.0.1 in this situation.
PGP.sig
Description: This is a digitally signed message part
--------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
