On Thursday 03 March 2005 13:47, Nuutti Kotivuori wrote: > [EMAIL PROTECTED] wrote: > > Suggestions? > > FWIW, we have gone off using switch daemon entirely. We are using > simply preallocated tap devices, connected to bridges via normal Linux > bridging controls. Works cleaner and faster, more places to dump the > traffic from and it allows normal linux traffic queueing and > firewalling to be used to limit transfers between machines. > > All physical networks and virtual network (networks not connected to > any physical interfaces) are implemented as bridges. > > The only problem was the tap device queue hang (SIGIO problem), which > was resolved with the one queue option (and hopefully fixed in UML or > mainline kernel later).
I just verified I was inaccurate in the title... the problem which was found was about the setuid uml_net, not uml_switch. It amounts to the possibility for unprivileged users to do the equivalent of "ifconfig down " for chosen interfaces, by simply running uml_net. -- Paolo Giarrusso, aka Blaisorblade Linux registered user n. 292729 http://www.user-mode-linux.org/~blaisorblade ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ User-mode-linux-devel mailing list User-mode-linux-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
