[olsr-dev] IPC-Protocol / GUI

Marek Lindner (spam-protected)
Thu Nov 18 14:15:54 CET 2004


Ignacio García Pérez wrote:

>I would really like the IPC plugin to be able to serve several clients
>concurrently. However, I realize this poses some problems, since the plugin
>I was thinking about was a "read only" pluging, that is, all clients receive
>information but don't change a thing. If the IPC interface allows changing
>OLSRD configuration, for example, either we trust the clients or we only
>allow the first client to issue "write" operations...
>  
>

You are right - we have a security problem.
The IPC plugin could bind to a trusted (configured) interface instead of 
binding to all.
May be we should add a password protection in combination with simple 
ACLs. Example: User x1 with password y1 has the right to read and write, 
user x2 with password y2 is only allowed to read and all other are not 
allowed to connect.
But how to prevent password sniffing ? Thats where it is getting 
complicated ... ;-)

Marek




More information about the Olsr-dev mailing list