[mythtv] [mythtv-commits] mythtv/master commit: 50606cd50 by Stuart Morgan (stuartm)
Raymond Wagner
raymond at wagnerrp.com
Sun Aug 14 15:22:58 UTC 2011
On 8/14/2011 09:56, E. Westbrook wrote:
> On Thu, Aug 11, 2011 at 16:11, MythTV <noreply at mythtv.org
> <mailto:noreply at mythtv.org>> wrote:
>
> Author: Stuart Morgan <smorgan at mythtv.org
> <mailto:smorgan at mythtv.org>>
> Change Date: 2011-08-11T14:05:00-07:00
> Push Date: 2011/08/11 15:10:55 -0700
> Repository: mythtv
> Branch: master
> New Revision: 50606cd50a7f1e951d5bdec4ffbb9c137bbbc5c2
> Changeset: https://github.com/MythTV/mythtv/commit/50606cd50
>
> Log:
>
> Always use the loopback interface when local
>
> If the backend is local to the frontend then we will always use the
> loopback interface instead of connecting on the external IP. This adds
> some resilience to setups where the network connection may drop, e.g.
> using wifi - especially Ubuntu which removes the IP from the interface
> if it detects that the network is unreachable.
>
> Modified:
>
> mythtv/libs/libmythbase/mythsocket.cpp
> mythtv/libs/libmythbase/mythsocket.h
>
>
>
> This commit breaks my system. MythTV tries localhost instead of what
> I've explicitly told it to.
>
> I configure services with specific addresses on specific interfaces as
> part of my overall network and security policy framework. Some of
> these are local, some are not, and all are subject to change if my
> policy needs them to. Specifically, I configure all services (that I
> can) to NOT listen on wildcard or loopback addresses.
If you're worried about things connecting to localhost that aren't
supposed to, doesn't that mean your system has already been compromised?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.mythtv.org/pipermail/mythtv-dev/attachments/20110814/fc2956fa/attachment.html
More information about the mythtv-dev
mailing list