Ole Wolf <[EMAIL PROTECTED]> invited blackmail by remarking: > I realize this is quickly going off on a tangent, but if a machine is > known by the FQDN lah.di.dah.com and this machine makes a connection to > lah.di.dah.com, isn't it all right if the machine connects directly to > localhost instead?
No, not in the general case. This complicates enormously things like
firewall setups and opens up a slew of security problems. For many
applications, the loopback interface is given a special level of trust not
given to ethernet or other types of connections. Some depend on the source
to determine what to do with an incoming socket connection, and pointing
your fqdn to localhost is apt to befuddle these applications.
I reccomend prefering Unix sockets rather than TCP if you want to keep
connections from leaving the box. There is currently no way of using
tmda-ofmipd with Unix sockets currently, however.
Regards,
DV
pgp00000.pgp
Description: PGP signature
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
