Date: Mon, 16 Dec 1996 13:48:06 +0100
From: Poul-Henning Kamp <phk@critter.tfs.com>
To: Bill Paul <wpaul@skynet.ctr.columbia.edu>
Cc: current@freebsd.org
Subject: Re: Plan for integrating Secure RPC -- comments wanted
Message-ID: <11680.850740486@critter.tfs.com>
In-Reply-To: Your message of "Sun, 15 Dec 1996 15:22:39 EST." <199612152022.PAA05216@skynet.ctr.columbia.edu>
In message <199612152022.PAA05216@skynet.ctr.columbia.edu>, Bill Paul writes:
Hi Bill,
Thanks for sharing your thoughts on this. I finally found time to
read it, and here are my comments:
For the DES pollution:
Put DES in the kernel.
This could be as an LKM, which would be the easiest, or as
a proper kernel-source file, which would be slightly harder
to manage distributions-wise.
Result:
* You avoid your planned hack.
* We could do away with the two versions of libcrypt we have
now, and collapse them into one.
* Which makes the dual versions of /bin/ed, /sbin/init ...
unneeded.
* Our secure dist would consist of only the LKM file.
Drawback:
* Minor optional kernel bloat.
For the issue of a secure local transport:
Wouldn't it be pretty easy to fortify our IP implementation a bit?
1. reject anything with source/dest 127.0.0.0/8 on anything
but the lo0 interface. (Add an interface flag for this and
only set that flag in if_lo.c)
2. In the case of a destination of 0.0.0.0, instead of the
first interface we happen to find, use the lo0 interface
and the 127.0.0.1 address.
This way you could use tcp/udp and be safe, I believe.
For the issue of authenticated local transport:
Instead of an LKM, put the code in the kernel. It shouldn't be too
hard to make it a getsockopt() instead of an LKM.
--
Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox.
whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc.
Power and ignorance is a disgusting cocktail.
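Added example (not part of the original message and not FreeBSD code): the two IP rules proposed in the message above, written as a stand-alone user-space C model. The struct ifc and struct out types, the IFX_ALLOW_LOOPNET flag name, the function names and the sample interfaces and addresses are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical flag: set only on the loopback interface (rule 1). */
#define IFX_ALLOW_LOOPNET 0x1u
#define LOOPNET      0x7f000000u  /* 127.0.0.0 */
#define LOOPNET_MASK 0xff000000u  /* /8 */
#define LOOPBACK     0x7f000001u  /* 127.0.0.1 */

struct ifc { const char *name; unsigned flags; };  /* simplified interface */
struct out { const struct ifc *ifp; uint32_t dst; };

/* Constructed sample interfaces; all addresses are in host byte order. */
struct ifc lo0 = { "lo0", IFX_ALLOW_LOOPNET };
struct ifc ed0 = { "ed0", 0 };

static int in_loopnet(uint32_t a) { return (a & LOOPNET_MASK) == LOOPNET; }

/* Rule 1: 127/8 as source or destination is accepted only on an interface
 * carrying the flag. Returns 1 to accept, 0 to drop. */
int input_ok(uint32_t src, uint32_t dst, const struct ifc *rcvif)
{
    if ((in_loopnet(src) || in_loopnet(dst)) &&
        !(rcvif->flags & IFX_ALLOW_LOOPNET))
        return 0;
    return 1;
}

/* Rule 2: a destination of 0.0.0.0 always resolves to lo0 and 127.0.0.1,
 * never to whichever interface happens to be first. `routed` stands in
 * for the result of the normal route lookup. */
struct out pick_output(uint32_t dst, const struct ifc *routed)
{
    struct out o = { routed, dst };
    if (dst == 0) {
        o.ifp = &lo0;
        o.dst = LOOPBACK;
    }
    return o;
}

int main(void)
{
    /* Constructed packets: a 127.0.0.1 source arriving from the wire, then on lo0. */
    printf("spoof on ed0: %s\n", input_ok(LOOPBACK, 0xc0a80105u, &ed0) ? "accept" : "drop");
    printf("same on lo0:  %s\n", input_ok(LOOPBACK, LOOPBACK, &lo0) ? "accept" : "drop");
    printf("dst 0.0.0.0 -> %s\n", pick_output(0, &ed0).ifp->name);
    return 0;
}
```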
