[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HOWTO: Join the 6bone!



On Sat, 23 Sep 2000, Greg Stark wrote:
> Hm, what is would the response be to making IPv6 a tentative release goal for
> woody? 

As long as the built-in kernel firewall and all daemons that are priority
standard or above are _audited_ and patched to work fine with ipv6, I'd say
it's a laudable goal.

BTW, "work fine" defined as: Will NOT open a security hole.  

If it will refuse any ipv6 connects, fine. If it will allow rogue connects
of any type because of the ipv6 patch... then we'd be better off without
ipv6.

I'm worried about tcp wrappers allowing crap through, weird ipv4/ipv6 tricks
bypassing firewall rules, MTAs everywhere going bonkers because of IPV6 ips
in the headers, etc.  I'm not knowledgeable in ipv6, so maybe this is
already done and not an issue...

I'd not enable the ipv6 protocol in /etc/modutils/aliases by default,
though. That would create a nightmare in the mailing lists, I fear :-)

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Attachment: pgpeLrRDC7c95.pgp
Description: PGP signature


Reply to: