Re: chroot BIND Re: Task harden.

To: debian-devel@lists.debian.org
Subject: Re: chroot BIND Re: Task harden.
From: Brian May <bam@debian.org>
Date: 04 Apr 2001 21:23:53 +1000
Message-id: <[🔎] 84k850rjqu.fsf@snoopy.apana.org.au>
In-reply-to: <[🔎] E14kkk6-0005iQ-00@gondolin.me.apana.org.au>
References: <[🔎] 01040413542200.07700@lyta> <[🔎] E14kkk6-0005iQ-00@gondolin.me.apana.org.au>

>>>>> "Herbert" == Herbert Xu <herbert@eriador.apana.org.au> writes:

    Herbert> Russell Coker <russell@coker.com.au> wrote:
    >> It seems that there is no system call to read a UDP packet from
    >> a socket and discover which local address it was sent to.  If
    >> you want your UDP based

    Herbert> recvfrom(2)

I believe recvfrom will only give the remote address (where the packet
come from), not the local address (where the packet was addressed).

    >> server to use as the source address the same IP that the client
    >> sent the request to (necessary to attempt security) then you
    >> need to have multiple sockets.

    Herbert> OK, this answers my question.  There isn't a way to send
    Herbert> UDP packets out with a set from address unless you bind
    Herbert> to it.  Now I would be happy if there were a "ndc
    Herbert> discif".

That could be a problem, too.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: chroot BIND Re: Task harden.
  - From: Taral <taral@taral.net>

References:
- Re: chroot BIND Re: Task harden.
  - From: Russell Coker <russell@coker.com.au>
- Re: chroot BIND Re: Task harden.
  - From: Herbert Xu <herbert@gondor.apana.org.au>

Prev by Date: Configuration Files created at Installation Time
Next by Date: Re: Configuration Files created at Installation Time
Previous by thread: Re: chroot BIND Re: Task harden.
Next by thread: Re: chroot BIND Re: Task harden.
Index(es):
- Date
- Thread