Re: permission control for IPV6_REACHCONF

Sun, 11 Jun 2000 19:35:15 -0700 

>>>>> On Sun, 28 May 2000 15:39:25 +0200, 
>>>>> Francis Dupont <[EMAIL PROTECTED]> said:

>> Right, and I feel this is a tradeoff issue. I personally think it is
>> okay not to restrict the use of the option as long as comments on the
>> possible attacks are stated. What do others think?
   
> => I believe this is the best solution.

>       I think it is unfortunate, but I vote for restrictive way (i.e. require
>       root privilege).  another way may be to interpret, in the kernel, like
>       this:
>       - consider IPV6_REACHCONF from privileged user as very trustworthy
>       - consider IPV6_REACHCONF from normal user as less trustworthy
>         information, just as hint.  do not 100% rely upon reachability
>         confirmation came from normal user.
>       not sure how to implement the latter.  let me think.
   
> => I think the word is more complex than root and normal users, there are
> in modern OSs more than two levels of privileges then please keep the door
> open, ie. a comment is enough.

FYI: our (KAME's) latest implementation is as follows:

- introduced a per-neighbor limitation that specifies how many times
  IPV6_REACHCONF could be issued.
- each time IPV6_REACHCONF is issued, incremented a per-interface
  counter unless the counter is smaller than the limitation.
- once the counter reached the limitation, further IPV6_REACHCONF
  would be ignored.
- if a neighbor's reachability was confirmed by NUD, reset the counter
  for the neighbor.

This procedure is always applied regardless of privilege.

As for specification, we don't think this behavior should be
documented in rfc2292bis (i.e. this is just our original
workaround). However, we hope that rfc2292 mentions a confusing story
about IPV6_REACHCONF that I pointed in the beginning of this thread.

                                        JINMEI, Tatuya
                                        Communication Platform Lab.
                                        Corporate R&D Center, Toshiba Corp.
                                        [EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------

Reply via email to