Bug 149189
Summary: | mDNSResponder rule is on even though howl package is not installed | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Harry Sutton <harry.sutton> |
Component: | system-config-securitylevel | Assignee: | Thomas Woerner <twoerner> |
Status: | CLOSED CANTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.0 | CC: | alexl, k.georgiou, nobody+pnasrat |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-11-06 13:52:31 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 177950 |
Description
Harry Sutton
2005-02-20 17:23:09 UTC
Assigning to anaconda. This is because lokkit (the program that comes with s-c-securitylevel responsible for writing out all the iptables-related files) has hard-coded to keep this port open. See big 134208. The solution here appears to be that a package should be able to request a certain port to be opened for it via its %post scriptlet so the port is only opened if the package is installed. If you require this fix in RHEL, you'll either need to take it through Issue Tracker or wait for a fix in RHEL5. I'll work on fixing this for Rawhide. I'm removing the Security keyword from this bug. This issue has the potential to have a security impact, but is not a security vulnerability by itself. I am sorry, but I can not change this, because it would be a behavior change. RHEL-4 and RHEL-5 are using howl/avahi/Zeroconf per default and the port is open. If you are disabling howl/avahi, then the open port should be no problem for you. Closing as CANTFIX. |