Garrett D'Amore writes: > I think this may warrant promotion to a fast track.
Definitely. > In particular, the interface that the LMS exports to the rest of the > system (perhaps just acting as an HTTP proxy) warrants some basic review. > > The questions I'd like to see answered in a fasttrack are: > > 1) does LMS export any interface over the network? (If its a web > proxy....) > > 2) what is the administrative interface to manage the LMS service? > (SMF? properties for managing what port it binds to, etc?) > > 3) how does this fit within secure-by-default? Does the service > listen only to IN_ADDR_ANY, or does it open up a port accessible to the > entire network? More generally: have you looked at the security questionnaires? How do you comply with them? http://www.opensolaris.org/os/community/arc/policies/ITS/ http://www.opensolaris.org/os/community/arc/policies/NITS-policy/ http://www.opensolaris.org/os/community/arc/bestpractices/security-questions/ Are the port numbers involved registered with IANA? What security is provided? What privileges are required to talk with the kernel driver? What does that kernel driver do? Would it be necessary for someone inside a non-global zone to access that driver? If not, why not? If so, then how is that secured? How about inside an xVM instance? -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
