[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gomd-devel] <DAEMON>: W.I.P: ACL-support status.
From: |
Gian Paolo Ghilardi |
Subject: |
Re: [gomd-devel] <DAEMON>: W.I.P: ACL-support status. |
Date: |
Sat, 5 Jul 2003 20:00:29 +0200 |
Hi all.
> sounds well thought of. If we can provide this security
> option to the gomd-users, we should.
>
> .... i just thought about it a bit and here is another idea about security
:
>
> Maybe we can run the gomd by xinetd !?
> Then we can simply use the tcp-wrapper (hosts.allow, hosts.deny)
> to filter the gomd access by ip addresses.
> .... as usual just an idea, maybe worth to test (the mosstatd can
> be run like this too)
>
> anyways i like JP's idea too. good work :)))
Uhm... Your idea is nice, Matt.
Only a thing: xinetd will be a new option for gomd.
In fact xinetd cannot replace ACL as functionality:
- Xinetd-support (only) allows or denies connections.
- ACL-support allows or denies connections && _defines_ exactly what a
client can do and what he cannot.
Anyway xinetd-support is useful and will be inserted in the future revision
of the .plan.
So gomd will support:
- native ACL
- PAM
- xinetd
- (maybe) tcp-wrapper
Ok?
Thanks for your help, Matt (as usual your idea are interesting :) ).
Byez.
<rejected>