guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Contents of /etc/hosts

From: Hartmut Goebel
Subject: Re: Contents of /etc/hosts
Date: Thu, 6 Oct 2016 12:07:37 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
Am 06.10.2016 um 02:57 schrieb John Darrington:
       127.0.0.1 localhost
       ::1       localhost
       127.0.0.1 gambrinus
       ::1       gambrinus
     
     Or am I missing something?

Hmm.  I have never seen it done this way elsewhere, and I really wonder how some
services will react if they discover that 127.0.0.1 is not called "localhost"?  
Or that one address is known by two names.  I think it possible they might 
assume a security breach and refuse to work.

This should not be a problem. One could always add several entries for the same IP-address. And "getent hosts 127.0.0.1" will return the first entry in /etc/hosts AFAIKT.

I started digging through the man pages, but did not finish. It's a deep maybe recursive mess of documentation where nothing is said about  Maybe we need to refer to the gethostbyname(2) and gethostbyname(3) documentation, which both are listed in "man hostname".

* gethostbyname(2) [1], uses uname[2], which returns what ever has been set with sethostname (AFAICT) and always returns a single string.

* gethostbyname(3) [3] returns a structure capable to hold an name, several aliases, and several addresses.

Nevertheless my conclusion is that any program should be able to handle any ip-address and and hostname and must not rely on any assumtion regarding these. (Exept perhaps to assume "localhost" is defined.)

[1] http://man7.org/linux/man-pages/man2/gethostname.2.html
[2] http://man7.org/linux/man-pages/man2/uname.2.html
[3] http://man7.org/linux/man-pages/man3/gethostbyname.3.html
[4] http://man7.org/linux/man-pages/man5/hosts.5.html

Kerberos is very fussy about such things.

Yes, it is, forward and backward resolution must match. But this can be done with a the hostname's non-loopback IP-address being in front of the loopback entry. ASAIK


--
Schönen Gruß
Hartmut Goebel
Dipl.-Informatiker (univ), CISSP, CSSLP, ISO 27001 Lead Implementer
Information Security Management, Security Governance, Secure Software Development

Goebel Consult, Landshut
http://www.goebel-consult.de

Blog: http://www.goebel-consult.de/blog/feiertagsarbeit-bei-teletrust
Kolumne: http://www.cissp-gefluester.de/2011-02-fleisige-datensammler-fur-lukratives-geschaeftsmodell-gesucht

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]