Hi Andreas, Andreas Barth wrote: [...] > Reasoning for this is that opening listening sockets with the network > allows "better" ways to exploit security bugs than in the traditional > unix filesystem. >
Erm, excuse me but that argument sounds rather silly to me. Over the years there have been many daemons that have completely moved away from unix domain sockets to using standard network sockets because it provides more flexibility and supporting both means more code to maintain and support. If a daemon supports both methods I'd be more inclined to making the application drop unix domain sockets support and invest more time improving and securing the network sockets usage. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
