> > Perhaps I'm misunderstanding part of the proposal, but having hardcoded
> > policy in applications that cannot be overridden (e.g., by an admin who
> > never wants to let DHCP through for a certain environment) seems bad.
>
> This would be a misconfigured system.

I'm not sure I follow what you're saying, so let me try a different way of asking my question. Suppose I'm an admin and I want to lock down the system such that it cannot send or receive DHCP, period. Now suppose something on the system (e.g., NWAM) decides to start up DHCP, and I'm unaware of this. Will my wishes be honored or not?

> The policy bypass would only be in effect if dhcpagent was running
> because it's a socket option applied to open sockets.
>
> dhcpagent would only be run if the system were configured to use DHCP to
> get an address.
>
> If the system is configured to use DHCP to get an address, but there's a
> security policy in place preventing DHCP packets from entering or
> leaving the interface, then the interface won't get an address and bits
> won't move at all.

--
meem