>
> Another technique that could be used, and gets discussed occasionally on
> -security, is passing authentication information via ancillary data
> transfer on UNIX domain sockets. You could limit the effectiveness of DOS
> attacks by rate limiting per-uid, for example.
Why is this being discussed as if it is new?
This is what my tool _does_, for crying out loud!!
> It should be noted that both the old and new schemes are subject to
> denial of service--the old due to locking, and the new due to socket/IPC
> limits, among other things. I would argue, however, that the new
> mechanism reduces risk as it would allow us to remove the setuid bit from
> a number of binaries, instead relying on a single auditable code base in
> the password file manager.
Right!! Forward motion.
> If we plan to move to more daemons using IPC to communicate in this style,
> we might want to think about consistency guidelines for doing this. For
> example, mandating an LPC structure of some sort, or managing parallelism
> on a single pipe, etc. Also, documenting techniques that tend to reduce
> the risk of denial of service for daemons offering IPC services.
Sure. Code/Documentation welcome.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
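
The per-uid rate limiting over UNIX domain socket credentials discussed in the quoted text, as an added example that is not code from this thread or from the tool mentioned in it. It assumes Linux's SO_PASSCRED/SCM_CREDENTIALS interface (FreeBSD exposes the equivalent ancillary message as SCM_CREDS); the names PerUidLimiter, recv_with_creds, serve and demo are hypothetical, and the requests are constructed sample data.

```python
import os
import socket
import struct
import time

UCRED = struct.Struct("3i")  # Linux struct ucred: pid, uid, gid

def recv_with_creds(sock, bufsize=512):
    """Return (data, uid); uid comes from the kernel, not from the message body."""
    data, ancdata, _flags, _addr = sock.recvmsg(bufsize, socket.CMSG_SPACE(UCRED.size))
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            _pid, uid, _gid = UCRED.unpack(cdata[:UCRED.size])
            return data, uid
    return data, None  # no credentials attached: caller must refuse

class PerUidLimiter:
    """Token bucket per uid: `burst` requests at once, refilled at `rate` per second."""
    def __init__(self, rate, burst, clock=time.monotonic):
        self.rate, self.burst, self.clock = rate, burst, clock
        self.buckets = {}  # uid -> (tokens, time of last update)

    def allow(self, uid):
        now = self.clock()
        tokens, last = self.buckets.get(uid, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        ok = tokens >= 1
        self.buckets[uid] = (tokens - 1 if ok else tokens, now)
        return ok

def serve(sock, limiter, count):
    """Answer `count` requests with OK, BUSY (rate limited) or DENY (no credentials)."""
    verdicts = []
    for _ in range(count):
        _data, uid = recv_with_creds(sock)
        verdict = b"DENY" if uid is None else (b"OK" if limiter.allow(uid) else b"BUSY")
        sock.send(verdict)
        verdicts.append((uid, verdict))
    return verdicts

def demo(requests=5, burst=3):
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_SEQPACKET)
    with server, client:
        # Must be set on the receiver before the peer sends.
        server.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
        for i in range(requests):
            client.send(b"lookup %d" % i)  # constructed sample requests
        limiter = PerUidLimiter(rate=1.0, burst=burst, clock=lambda: 0.0)  # frozen clock
        return serve(server, limiter, requests)
```

One uid exhausting its bucket only earns that uid BUSY replies; other callers keep their own buckets.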