[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Shared Locator Address Pool (SLAP) protocol proposal



Spencer,

SD> - protecting different users of multi6 on a single node from each
...
SD> - protecting different users of multi6 on a single node from each
...
SD> - protecting all the users of multi6 on a single node from attackers

The fact that SLAP involves multiple instances of the control protocol
does not necessarily mean that the instances are under the control of
different users.

Of course, a user can take over the kernel of a machine, but there is
nothing we can do about that problem.

So, the normal scenario is that the control protocol instantiations are
running in the operating system.  Different users might be the cause of
having multiple instantiations, just like they might be the cause of
multiple TCP connections. But that does not mean the users have special
priviledges over each other.

Note that the pool of TCP connections is "shared" state, of exactly the
type that we have with SLAP.  Do we view that shared, TCP pool as a
security risk?

d/
--
 Dave Crocker <dcrocker-at-brandenburg-dot-com>
 Brandenburg InternetWorking <www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>