[Olsr-dev] Fwd: Bug#532573: olsrd: olsrd_dot_draw does not honor the "accept" parameter
Henning Rogge
(spam-protected)
Tue Aug 4 14:48:11 CEST 2009
Am Dienstag 04 August 2009 14:25:21 schrieb Sebastian Harl:
> Well, imho there is no need to let a socket listen on all interfaces if,
> e.g., all but local connections are blocked anyway. So, I'm not covering
> any use-cases that are not covered by "accept" as well but it might be
> somewhat more convenient in some cases (imho).
If you bind the socket on an interface (eth0 towards your local net) for
example, you cannot access it on the router, right ? So it will give you more
security (kernel checks the interface, not some OLSR userspace code), but
limit your configuration choices (the ACL in the development version of OLSRd
allows multiple IPs/networks as white- and blacklists).
Henning
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20090804/5d8a683b/attachment.sig>
More information about the Olsr-dev
mailing list