forcemerge 637796 638449 stop (My original report made it through now ^^... therefore merging)
Nico, iptables-persistent loads the iptables rules at boot, and thus it should be quite clear, why this can be security critical. Just imagine that for some reasons you have rsh, or telnet or something (by itself) "insecure" enabled, which is however made secure, as you protect it via firewall rules (e.g. allow only specific source addresses (from a known local network) or demand that the packets are IPsec encapsulated. If in such a situation you trust the rules being loaded, but they are not, you're absolutely screwed. Cheers, Chris. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
