On Fri, Aug 08, 2008 at 04:00:56PM +0200, Marian Hettwer wrote: > Hi Oliver, > > On Fri, 8 Aug 2008 15:18:36 +0200 (CEST), Oliver Fromme > > > > Shouldn't that be considered a security flaw? After all, > > you can perform "ifconfig $IF" inside a jail to list the > > interface configuration, but you're not allowed to make > > any changes. > > > > Given your description above, it means that it is possible > > to modify the interface configuration (cause a failover) > > from within a jail. That's not good. I think that needs > > to be fixed, or at the very least it needs to be properly > > documented. > > > And regarding documentation. It should be documented, that lagg(4) won't > work very well with bce(4). If it's nowhere documented that bce and > failover with lagg doesn't work, some people might be screwed...
I guess so although bce will not be the only one. Also spanning tree, carp and dhclient use link state events too, possibly others. Andrew _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
