On Wed, 2008-08-27 at 16:15 -0700, Darren Reed wrote:
> Bill, my thoughts on this are that this project is primarily aimed
> at delivering access control for running network services, rather
> than being a network firewall per se - if you like, this project is
> more concerned with being a host based firewall and not a
> network chokepoint.

That this is aimed at a "host firewall" use case was quite clear from
the spec.  

The very nature of firewalls -- host, or network -- is that they must
occupy some sort of chokepoint between entities which need protection
and the big bad internet.  If they can be bypassed, they don't do any
good.

> But that said, the greater question you've asked is a good one:
> is it an acceptable policy to allow service administrators, rather
> than a host administrator to control network access to a service?

Unless I'm mistaken, the spec as written would allow *any* service
administrator to inject essentially arbitrary rules into the global
ipf.conf.

> I suppose the question you're asking is what if the system's policy
> is to allow delegation of the control of the services but not control
> over network access to the services? Is that just a simple matter
> of more ownership/access rights on the various SMF properties?

The spec does not talk about such matters.

> But if there is an overall policy that should be applied instead,
> like you are suggesting, then my take on this is that it falls outside
> of what this project is delivering.

So this project is just intended to provide the impression of security
without actually providing any real controls on traffic flow?

