[Nut-upsdev] Re: [nut-commits] svn commit r714 - in trunk: .
server
Arjen de Korte
nut+devel at de-korte.org
Wed Jan 10 15:36:39 CET 2007
>> The question remains how to migrate to the new situation.
[...]
>> But would it be wise to open an AF_INET6
>> socket bound to [::] as well, or would that open up a security hole?
> errr... wait. you keep saying upsd only has one listening socket for
> now, and now you want to open two? :)
We only have one listening socket now, but in the *new* situation, we'll
be able to support an arbitrary number. OK, in reality this will probably
limited by the amount the system is able to support, but I don't think nut
must set a limit here. The question I had, if an AF_INET6 socket bound to
[::] has security implications, if we would create this as 'service' when
nut-2.2 is installed. Thinking it over, this is probably *not* a very good
idea. A system administrator may not have noticed that we opened this
socket without any access policy.
Best regards, Arjen
--
Eindhoven - The Netherlands
Key fingerprint - 66 4E 03 2C 9D B5 CB 9B 7A FE 7E C1 EE 88 BC 57
More information about the Nut-upsdev
mailing list