Date: Mon, 16 Dec 1996 13:48:06 +0100
From: Poul-Henning Kamp <phk@critter.tfs.com>
To: Bill Paul <wpaul@skynet.ctr.columbia.edu>
Cc: current@freebsd.org
Subject: Re: Plan for integrating Secure RPC -- comments wanted
Message-ID: <11680.850740486@critter.tfs.com>
In-Reply-To: Your message of "Sun, 15 Dec 1996 15:22:39 EST." <199612152022.PAA05216@skynet.ctr.columbia.edu>

In message <199612152022.PAA05216@skynet.ctr.columbia.edu>, Bill Paul writes:

Hi Bill,

Thanks for sharing your thoughts on this. I finally found time to read
it, and here are my comments:

For the DES pollution:

Put DES in the kernel. This could be as an LKM, which would be the
easiest, or as a proper kernel-source file, which would be slightly
harder to manage distributions-wise.

Result:
* You avoid your planned hack.
* We could do away with the two versions of libcrypt we have now, and
  collapse them into one.
* Which makes the dual versions of /bin/ed, /sbin/init ... unneeded.
* Our secure dist would consist of only the LKM file.

Drawback:
* Minor optional kernel bloat.

For the issue of a secure local transport:

Wouldn't it be pretty easy to fortify our IP implementation a bit?

1. Reject anything with source/dest 127.0.0.0/8 on anything but the
   lo0 interface. (Add an interface flag for this and only set that
   flag in if_lo.c)

2. In the case of a destination of 0.0.0.0, instead of the first
   interface we happen to find, use the lo0 interface and the
   127.0.0.1 address.

This way you could use tcp/udp and be safe I believe.

For the issue of authenticated local transport:

Instead of an LKM, put the code in the kernel. It shouldn't be too hard
to make it a getsockopt() instead of an LKM.

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@tfs.com           TRW Financial Systems, Inc.
Power and ignorance is a disgusting cocktail.
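
The first fortification suggested in the message above (drop anything with a 127.0.0.0/8 source or destination unless it arrived on lo0), written out as an added example that is not part of the original e-mail or of FreeBSD's code. The flag name IFX_LOOPNET_OK, the verdict enum and the helper functions are hypothetical, and the sample headers are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical flag: per the proposal, set only on the loopback interface. */
#define IFX_LOOPNET_OK 0x1u

enum verdict { PKT_ACCEPT, PKT_DROP_MALFORMED, PKT_DROP_LOOPNET };

/* Read a big-endian 32-bit field without alignment assumptions. */
static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* True when a host-order IPv4 address lies in 127.0.0.0/8. */
static int in_loopnet(uint32_t addr) { return (addr >> 24) == 127; }

/* Input-path check for an IPv4 header received on an interface with if_flags. */
enum verdict check_loopnet(const uint8_t *pkt, size_t len, unsigned if_flags)
{
    if (len < 20 || (pkt[0] >> 4) != 4 || (pkt[0] & 0x0f) < 5)
        return PKT_DROP_MALFORMED;          /* too short or not IPv4 */
    if ((in_loopnet(be32(pkt + 12)) || in_loopnet(be32(pkt + 16))) &&
        !(if_flags & IFX_LOOPNET_OK))
        return PKT_DROP_LOOPNET;            /* 127/8 seen off the loopback */
    return PKT_ACCEPT;
}

/* Constructed sample input: minimal 20-byte header with the given addresses. */
void make_hdr(uint8_t h[20], uint32_t src, uint32_t dst)
{
    memset(h, 0, 20);
    h[0] = 0x45;                            /* version 4, IHL 5 */
    for (int i = 0; i < 4; i++) {
        h[12 + i] = (uint8_t)(src >> (24 - 8 * i));
        h[16 + i] = (uint8_t)(dst >> (24 - 8 * i));
    }
}

int main(void)
{
    uint8_t h[20];
    make_hdr(h, 0x7f000001u, 0xc0000201u);  /* 127.0.0.1 -> 192.0.2.1 */
    /* Dropped on an ordinary interface, accepted on the loopback one. */
    return !(check_loopnet(h, 20, 0) == PKT_DROP_LOOPNET &&
             check_loopnet(h, 20, IFX_LOOPNET_OK) == PKT_ACCEPT);
}
```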