From owner-freebsd-net@FreeBSD.ORG Fri Jun 16 17:22:21 2006
Return-Path:
X-Original-To: freebsd-net@FreeBSD.org
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AFC4A16A474; Fri, 16 Jun 2006 17:22:21 +0000 (UTC) (envelope-from gordon@FreeBSD.org)
Received: from spiff.melthusia.org (spiff.melthusia.org [207.67.244.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 56F3E43D49; Fri, 16 Jun 2006 17:22:21 +0000 (GMT) (envelope-from gordon@FreeBSD.org)
Received: from [192.168.1.50] (cpe-66-91-238-221.san.res.rr.com [66.91.238.221]) (authenticated bits=0) by spiff.melthusia.org (8.12.10/8.12.10) with ESMTP id k5GHMIiR038251; Fri, 16 Jun 2006 10:22:19 -0700 (PDT) (envelope-from gordon@FreeBSD.org)
Message-ID: <4492E8CE.1020405@FreeBSD.org>
Date: Fri, 16 Jun 2006 10:22:22 -0700
From: Gordon Tetlow
User-Agent: Thunderbird 1.5.0.4 (Windows/20060516)
MIME-Version: 1.0
To: Max Laier
References: <20060615225312.GB64552@heff.fud.org.nz> <200606161735.33801.max@love2party.net> <200606161805.06651.max@love2party.net>
In-Reply-To: <200606161805.06651.max@love2party.net>
X-Enigmail-Version: 0.94.0.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-net@FreeBSD.org, freebsd-arch@FreeBSD.org, Andrew Thompson, Scott Ullrich
Subject: Re: enc0 patch for ipsec
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: gordon@tetlows.org
List-Id: Networking and TCP/IP with FreeBSD
X-List-Received-Date: Fri, 16 Jun 2006 17:22:21 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Max Laier wrote:
> On Friday 16 June 2006 17:41, Scott Ullrich wrote:
>> On 6/16/06, Max Laier wrote:
>>> I think it should get a "device enc" on its own. Some people might
>>> consider enc(4) to be a security problem, so getting it with FAST_IPSEC
>>> automatically isn't preferable.
>> You have to specifically create the enc0 interface (ifconfig enc0
>> create) before it becomes active. Otherwise it will not hit the enc
>> code path unless the device is created.
>
> The issue is, if an attacker manages to get root on your box they are
> automatically able to read your IPSEC traffic ending at that box. If you
> don't have enc(4) compiled in, that would be more difficult to do. Same
> reason you don't want SADB_FLUSH on by default.

Max is absolutely right here. The snooping interface should be a separate
option altogether (a la bpf).

- -gordon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEktfGRu2t9DV9ZfsRAvyzAJ9jnUigVW7t2SGV89vXStXAZ30b7QCeJ4tZ
tBeTqHk9LofxCRf40uFvpZE=
=RGmG
-----END PGP SIGNATURE-----
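As an added illustration of the opt-in that Max and Gordon argue for (not code from this thread or from the enc0 patch under discussion): two FreeBSD kernel configuration fragments for an IPsec gateway, one without and one with the cleartext tap. The exact lines are assumptions about a FreeBSD 6-era kernel config; "device enc" is the option name Max proposes, and "device bpf" is the existing opt-in capture facility Gordon compares it to.

```conf
# Added example: kernel configuration fragments for an IPsec gateway.
# Assumed FreeBSD 6-era syntax; not taken from the enc0 patch itself.
#
# (1) Hardened production gateway: IPsec without the snooping interface.
#     The SAs and keys are still in the kernel, but an attacker who gets
#     root has no interface to point tcpdump at for the decrypted traffic.
options     FAST_IPSEC      # in-kernel IPsec (ESP/AH)
device      crypto          # crypto framework required by FAST_IPSEC
device      bpf             # packet capture is itself a separate opt-in
#device     enc             # deliberately absent on production builds

# (2) Debugging build: the same kernel with the tap compiled in explicitly.
#     Only here does "ifconfig enc0 create" (as the patch requires) followed
#     by "tcpdump -i enc0" show the cleartext of IPsec flows ending on this box.
options     FAST_IPSEC
device      crypto
device      bpf
device      enc             # enc(4): packets visible to bpf before encryption / after decryption
```

The practitioner's check after building from fragment (1) is that "ifconfig enc0 create" fails because no enc cloner exists in the kernel, so "tcpdump -i enc0" has nothing to attach to; with fragment (2) both succeed, which is exactly the capability a root compromise would inherit.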