Mike Ditto writes:
> Although I'm not sure, either, it's a very good question. Crossbow
> is another project that will emphasize and proliferate the concept of
> intra-machine traffic moving across internal virtual links, and it
> does seem that there are very different security risks between that
> and traditional networking. (I'm not saying that virtual links have
> greater risks, just that they are so substantially different that
> very different privileges are appropriate to observe them. Because
> I may trust some data to move in the clear between zones/domains that
> I wouldn't place in the clear on a wire, I may trust some people to
> snoop at the wire who I don't want snooping my in-memory virtual
> links.)

It's always been the case that local connections were more trusted --
not subjected to filtering, exempt from encryption paths, and even
handling credentials securely.

So, yes, adding observability here does sound to me like a potentially
substantial risk (e.g., a good way to expose passwords in the clear),
unless we can tie it into the permissions that the socket user himself
has.

--
James Carlson, KISS Network <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
