In your previous mail you wrote:
>Right, and I feel this is a tradeoff issue. I personally think it is
>okay not to restrict the use of the option as long as comments on the
>possible attacks are stated. What do others think?
=> I believe this is the best solution.
I think it is unfortunate, but I vote for restrictive way (i.e. require
root privilege). another way may be to interpret, in the kernel, like
this:
- consider IPV6_REACHCONF from privileged user as very trustworthy
- consider IPV6_REACHCONF from normal user as less trustworthy
information, just as hint. do not 100% rely upon reachability
confirmation came from normal user.
not sure how to implement the latter. let me think.
=> I think the word is more complex than root and normal users, there are
in modern OSs more than two levels of privileges then please keep the door
open, ie. a comment is enough.
Regards
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
