Re: Bindv6only once again
Jarek Kamiński writes:
> Na grupie linux.debian.devel napisałe(a)ś:
> >> I see only two ways of fixing proprietary Java (apart from fixing it
> >> upstream or ignoring the problem):
> >> * wrap java and java_vm binaries in some scripts setting LD_PRELOAD (in
> >>
> >> Debian package)
> >>
> >> or
> >> * allow sun-java6-* packages to override bindv6only sysctl.
> >
> > * allow bindv6only to be overridden by process instead of system-wide.
>
> You mean modifying kernel?
Of course not, the kernel already provides everything needed for years, and
these dummy apps can still request bindv6only to 0 on the sockets they listen
on their own, which is also discussed at debian-ctte[1]:
int b = 0;
if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&b, sizeof(b))==-1)
perror("failed blah");
they would be still inferior to those opening two separate sockets (which
means more fine-grained control like listening on v4 or v6 or both, or
establish means to threat them specifically if necessary), but this is at least
easily doable for brain-damaged apps badly in need for 0.
[1] http://lists.debian.org/debian-ctte/2010/06/msg00002.html
--
pub 4096R/0E4BD0AB <people.fccf.net/danchev/key pgp.mit.edu>
Reply to: