Nicolas Williams writes:
> But more importantly, I'm not sure we can really restrict IPC at all.
> You can always use plain regular files for IPC.
Agreed. But the argument gets strange from that point on. If we
don't restrict local IPC, why would we restrict loopback use of any
networking protocol? The same argument seems to say that we should
not do that.
At that point, the operation of the network-restricting feature
becomes quite a bit more intricate. It might be something like:
PRIV_NET_EXTERNAL_ACCEPT
    - Accept connections from peers that are not on the same
      physical machine as the current process. Not sure whether
      other _zones_ qualify here or not. Affects
      connection-oriented transports (TCP, SCTP).
PRIV_NET_EXTERNAL_CONNECT
    - Allow outbound connections to peers that are not on the same
      physical machine. Affects connection-oriented transports.
PRIV_NET_EXTERNAL_PACKETS
    - Send to or receive datagrams from peers that are not on the
      same physical machine. Affects datagram-oriented transports
      (such as UDP).
But I'm not sure how far you can go down that road before you've
invented per-application packet filters.
--
James Carlson, KISS Network <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
_______________________________________________
networking-discuss mailing list
[email protected]
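The three privileges sketched in the message, modelled as a policy check so the "same physical machine" distinction can be exercised; this is an added example, not code from the thread or from any operating system. The privilege names, the operation/transport classification, the constructed set of local interface addresses, and the rule that a peer at one of this host's own interface addresses counts as on-machine are all assumptions; the zones question is left open and not modelled.

```python
import ipaddress
from enum import Enum


class Priv(Enum):
    """Hypothetical privilege names taken from the proposal in the message."""
    NET_EXTERNAL_ACCEPT = "PRIV_NET_EXTERNAL_ACCEPT"
    NET_EXTERNAL_CONNECT = "PRIV_NET_EXTERNAL_CONNECT"
    NET_EXTERNAL_PACKETS = "PRIV_NET_EXTERNAL_PACKETS"


STREAM_TRANSPORTS = {"tcp", "sctp"}
DATAGRAM_TRANSPORTS = {"udp"}

# Constructed sample: addresses configured on this host's own interfaces.
# A peer at one of these is on the same physical machine even though it is
# not a loopback address, which is one reason the check is not a one-liner.
LOCAL_ADDRS = {ipaddress.ip_address("192.0.2.10"),
               ipaddress.ip_address("2001:db8::10")}


def is_local_peer(peer, local_addrs=LOCAL_ADDRS):
    """True if the peer address belongs to this machine (loopback or local interface)."""
    addr = ipaddress.ip_address(peer)
    return addr.is_loopback or addr in local_addrs


def required_priv(op, transport, peer, local_addrs=LOCAL_ADDRS):
    """Privilege the operation needs for this peer, or None if none is needed."""
    if is_local_peer(peer, local_addrs):
        return None                      # on-machine traffic is never restricted
    if transport in DATAGRAM_TRANSPORTS:
        # Every datagram exchanged with an off-machine peer falls under one privilege.
        return Priv.NET_EXTERNAL_PACKETS
    if transport in STREAM_TRANSPORTS:
        if op == "accept":
            return Priv.NET_EXTERNAL_ACCEPT
        if op == "connect":
            return Priv.NET_EXTERNAL_CONNECT
        # Data on an established connection was authorized at accept/connect time.
        return None
    raise ValueError(f"unknown transport {transport!r}")


def permitted(op, transport, peer, held, local_addrs=LOCAL_ADDRS):
    """Policy decision: allowed if no privilege is needed or the process holds it."""
    need = required_priv(op, transport, peer, local_addrs)
    return need is None or need in held
```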