sön 2007-06-10 klockan 20:15 +0530 skrev Rahul Sundaram: > I can't see how it is relevant. It isn't a daemon and it doesn't connect > to the network. If you did disable it and it was turned that is indeed a > bug that not one that really affects security. Hmm... It's still extra code paths that might have exploitable bugs, though some or all of those bugs might only be exploitable on the local network unless the computer has a routable v6 address. I'm all for v6 though! The improved support in F7 is great! > The services you quote don't connect to network by default. For example, > sendmail is by default configured to connect only to the localhost. It > is enabled only to deliver log files to the root user and you have to > explicitly configure it to connect to the network. True about sendmail, though, from lsof on a rather minimal F7 install: rpcbind 1487 rpc 6u IPv6 4892 UDP *:sunrpc rpcbind 1487 rpc 8u IPv6 4897 TCP *:sunrpc (LISTEN) rpc.statd 1512 root 7u IPv4 4981 TCP *:846 (LISTEN) Seems like it's accepting unsolicited data from the network. I always disable those services when I do new installs. > The default firewall configuration does block it too. True, though, like I said before, think multi-layer security. /abo
