and a firewall protects a complete sub-net in most cases. so SAPDB wouldn't be protected from being accessed by any other computer in the sub-net.It would still be nice to have SAPDB vserver/serv.exe bind on certain interfaces only instead of 0.0.0.0, because you can't always access local ip security settings (i.e. support not compiled into the kernel or not accessible on a linux webserver box). Furthermore you could use the free port on the interfaces you don't bind to for other purposes.
it should be the same on windows and unix:In case of SAPDB on Windows it shouldn't be too hard to do because the bind function in sqltcp.dll internally always binds to 0.0.0.0/INADDR_ANY. The specific sqltcp.dll function could just have an optional parameter for the interface(s) thats by default 0.0.0.0. The service requesting the bind could then be modified to have another parameter in its configuration for this purpose and it could forward this to the bind function in sqltcp.dll. I'm sure it could work for Unix systems in a similar way....without endangering backwards compatibility.
added a new paramter to the function that calles bind() on the serversocket.
but another thing is, where to store the config.
any ideas?
_______________________________________________
sapdb.general mailing list
[EMAIL PROTECTED]
http://listserv.sap.com/mailman/listinfo/sapdb.general
