The only things that you can do without pretty solid crypto support are
authorized host lists and misplacing the trust to the client machines
authentication.  Since these provide next to no security (except for
limiting connections to localhost), there isn't much point in making this
kind of authentication pluggable.  Stunnel + only-localhost + current
security (pluggable) limits should be pretty good, though.

On Tue, Jun 16, 2009 at 6:01 PM, Gustavo Niemeyer <>wrote:

> > Remember that the patch is almost trivial.  Add a configuration option
> > acceptConnectionsOnlyFromLocalHost, and then in the server connect logic
> > reject non-localhost attempts (and log a security note).
> Sorry, I was actually pondering about it in comparison with the
> investment in implementing some kind of plugin system to allow
> server-wide access restrictions.  This shouldn't be too hard to hack
> in either, but it'd be best to have some kind of agreement on how to
> do it "correctly" so that the work can be integrated upstream, and
> this would require some additional involvement to get the APIs right.

Reply via email to