| commit | b2f9ea39acc0d67ee553a5371c96be51f8a6b968 | |
| author | rd235 <rd235@d37a7db1-d92d-0410-89df-f68f52f87b57> | |
| Sat, 21 Mar 2009 08:32:45 +0000 (21 08:32 +0000) | ||
| committer | rd235 <rd235@d37a7db1-d92d-0410-89df-f68f52f87b57> | |
| Sat, 21 Mar 2009 08:32:45 +0000 (21 08:32 +0000) | ||
| tree | 90488ebdf3c484a844628688db93bffec1d43657 | treesnapshot (tar.gz zip) |
| parent | fef423410fce43e27c5b35313c7fe271ba7ac462 | commitdiff |
Vde_plug sets automagically the minimum permissions
needed by the switch for the comm socket.
This means that:
switches run by root or owned and used by the same user are safe from sniffing.
for switches run by a user, and shared inside a group or open throughout the
entire system: all the users that can use the switch could use tricky code
to read/write packets on other ports. If the access is restricted to a group,
the switch is safe from the other users.
git-svn-id: https://vde.svn.sourceforge.net/svnroot/vde/trunk@354 d37a7db1-d92d-0410-89df-f68f52f87b57
needed by the switch for the comm socket.
This means that:
switches run by root or owned and used by the same user are safe from sniffing.
for switches run by a user, and shared inside a group or open throughout the
entire system: all the users that can use the switch could use tricky code
to read/write packets on other ports. If the access is restricted to a group,
the switch is safe from the other users.
git-svn-id: https://vde.svn.sourceforge.net/svnroot/vde/trunk@354 d37a7db1-d92d-0410-89df-f68f52f87b57
| vde-2/src/lib/libvdeplug.c | diffblobblamehistory | |
| vde-2/src/vde_switch/datasock.c | diffblobblamehistory |