On Mar 17, 2008, at 18:10 , Michael Stone wrote:
> Bert,
>
> It's still in early prototyping so there's substantial flexibility to
> adapt it to do what we need.
>
> At present, sys_disablenetwork() disables calls to socket(),
> connect(),
> bind(), and sendmsg() for address families other than
Bert,
It's still in early prototyping so there's substantial flexibility to
adapt it to do what we need.
At present, sys_disablenetwork() disables calls to socket(), connect(),
bind(), and sendmsg() for address families other than AF_UNIX. (I.e. all
unix sockets should still work and everything e
On Mar 16, 2008, at 15:00 , Walter Bender wrote:
> 18. Rainbow: Michael Stone prototyped a network isolation primitive
> described by Daniel Bernstein
> (http://cr.yp.to/unix/disablenetwork.html), demoed an activity in
> which a web browser and an HTTP server work together to examine the
> filesys
