On Fri, 8 Aug 2008, Hal Rosenstock wrote: | On Fri, Aug 8, 2008 at 10:12 AM, John Russo <[EMAIL PROTECTED]> wrote: | > Issue: We have found that causes openibd to be started before networking | > and therefore the NodeDescription, when returned from the SM, does not | > always contain the hostname of the system when ibhosts is run. | > A solution was proposed however I wanted to give an alternative that we | > worked out in case you liked it and wanted to use it instead. | | I would think setting of the NodeDescription in this manner would need | to be done optionally, via a module parameter, with the default being | off. Quite some time ago we had the discussion about it being a system | admin policy/possible security issue to reveal or not reveal the | hostname via similar mechanisms. For a similar reason, this capability | was removed from ICMP.
That's addressed by the same mechanism that currently exists in the openibd script. Simply set the node_desc to something other than the hostname. The new behavior occurs only if the node_desc hasn't been explictly set. If there is strong concern that this leaves a small window in which the hostname is exposed, it could be modified to occur only if the node_desc is set to some well-defined string, such as __HOST__ or something of the sort. I think a module parameter is more than is needed; if added, it should probably default to enable, since relatively few sites are likely to have security concerns within an IB fabric (as far as exposing hostnames). Dave Olson [EMAIL PROTECTED] _______________________________________________ general mailing list [email protected] http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
