Date: Fri, 16 Jun 2006 18:14:12 +0200 From: Max Laier <max@love2party.net> To: "Scott Ullrich" <sullrich@gmail.com> Cc: freebsd-net@freebsd.org, Andrew Thompson <thompsa@freebsd.org>, freebsd-arch@freebsd.org Subject: Re: enc0 patch for ipsec Message-ID: <200606161814.19336.max@love2party.net> In-Reply-To: <d5992baf0606160909q66df7c05wf0cd133196339f03@mail.gmail.com> References: <20060615225312.GB64552@heff.fud.org.nz> <200606161805.06651.max@love2party.net> <d5992baf0606160909q66df7c05wf0cd133196339f03@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Friday 16 June 2006 18:09, Scott Ullrich wrote: > On 6/16/06, Max Laier <max@love2party.net> wrote: > > The issue is, if an attacker manages to get root on your box they are > > automatically able to read your IPSEC traffic ending at that box. If you > > don't have enc(4) compiled in, that would be more difficult to do. Same > > reason you don't want SADB_FLUSH on by default. > > Okay, this makes sense. But couldn't you also argue that if someone > gets access to the machine they could also use tcpdump to do the same > thing technically on the internal interface? Just playing devils > advocate.. :) Think tunnel2tunnel or an SA for a local connection, then. Given, if you are root you *might* have other means to obtain that information, but that is why we have a switch to turn off bpf, kmem or the like. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQBEktjbXyyEoT62BG0RAmjNAJ9WLPc7LByESWUlyzHR/dt0J9OiigCbBAms Fo8vKq0DHjCKaUeltXeskjk= =FL6S -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606161814.19336.max>