From: Jacques Gelinas (jack_at_solucorp.qc.ca)
Date: Mon 04 Nov 2002 - 20:14:46 GMT
On Sat, 2 Nov 2002 18:42:20 -0500, Gerrit Hoetzel wrote
> How do you ensure that a vserver cannot establish a connection to a
> program listening to 0.0.0.0 on the root system without denying loopback
> capabilities for the vserver on its own IP ?
A vserver is forced to use its own private IP. So you can use firewalling rules
to control that. You are sure of the "from" part of the rule.
---------------------------------------------------------
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc