On Sep 04, 2007, at 10:02:46, Tetsuo Handa wrote:
Hmm, I can't understand why I have to perform access control at
"enqueue" time.
What I want to do is
allow process1 receive UDP packets from 10.0.0.1 port 1024
allow process2 receive UDP packets from 10.0.0.2 port 2048
when there is no guarantee that process1 and process2 are not
sharing a socket.
If there is guarantee that process1 and process2 are not sharing a
socket,
I can do it using netfilter.
Well, we used to be able to do that with netfilter but it had the
same unfixable race conditions that you are presently running into
and so such support was dropped by the netfilter folks. I suspect if
you CC'ed [email protected] you would get some very precise
reasons why such filtering doesn't work.
Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
