:57 AM
To: Peter Jeremy
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: jail support for ping, traceroute, etc.. crude hack
On Mon, Mar 17, 2003 at 10:06:27AM +0300, .@babolo.ru wrote:
It is time to invent ping socket and traceroute socket
in addition to tcp, udp, divert so on?
Whilst
On Mon, Mar 17, 2003 at 10:06:27AM +0300, .@babolo.ru wrote:
It is time to invent ping socket and traceroute socket
in addition to tcp, udp, divert so on?
Whilst this might seem nice, actually implementing so that it is
both useful and safe is not easy.
For a ping socket, this is
so, i am working on building a super-server for me
and several friends to collaborate with on the money front
to put our machine in a colo location, etc.. and still have good
access to networking resources.
as a result, i needed to modify the FreeBSD kernel such
that it will
/
lifeafterking.org: http://www.lifeafterking.org/
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jared Mauch
Sent: Sunday, March 16, 2003 1:14 PM
To: [EMAIL PROTECTED]
Subject: jail support for ping, traceroute, etc.. crude hack
so, i am working
PROTECTED]
Subject: jail support for ping, traceroute, etc.. crude hack
so, i am working on building a super-server for me
and several friends to collaborate with on the money front
to put our machine in a colo location, etc.. and still have good
access to networking resources
Jail is irrelevant if an attacker can access the kernel.
It sounds like you're looking for a secure solution that UNIX doesn't
even have the capability to implement. The real solution in a BSD
environment would be too elaborate for my taste. It would make
more sense to me to move away from UNIX ;)
On Sun, Mar 16, 2003 at 02:30:36PM -0800, Mooneer Salem wrote:
When i was looking at this i was somewhat frustated with
the way suser() doesn't really allow any sort of a context-of-check
to happen easily that i was able to find. ie, was it for a networking
check, filesystem, etc..
On Mon, Mar 17, 2003 at 10:06:27AM +0300, .@babolo.ru wrote:
It is time to invent ping socket and traceroute socket
in addition to tcp, udp, divert so on?
Whilst this might seem nice, actually implementing so that it is
both useful and safe is not easy.
For a ping socket, this is reasonably easy
8 matches
Mail list logo