On Fri, Aug 14, 2009 at 12:04:55AM +0200, Christoph Anton Mitterer wrote: > The issue that sysctl MUST be loaded BEFORE network interfaces are > brought up (for security reasons).... is this secured by the LSB > init script headers? You're saying it should be done before the interfaces are brought up, but the bug report is about sysctl running too early.
> I mean now that insserv and concurrent booting moves to be the > default... it's quite important to secure this, IMHO. The problem is you are trying to satisfy two mutually exclusive requirements. No matter where sysctl is run, it is too early or two late for something. Now with insserv, perhaps there is a place it can be run, before the interfaces are configured but after the module is loaded, if such a place exists. - Craig -- Craig Small GnuPG:1C1B D893 1418 2AF4 45EE 95CB C76C E5AC 12CA DFA5 http://www.enc.com.au/ csmall at : enc.com.au http://www.debian.org/ Debian GNU/Linux, software should be Free -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
