Date: Thu, 18 Nov 1999 12:57:31 +0100 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp> Cc: phk@critter.freebsd.dk, beyssac@enst.fr, freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Should jail treat ip-number? Message-ID: <3833E9AB.13864ECA@vangelderen.org> References: <19991117153126C.shin@nd.net.fujitsu.co.jp> <289.942825543@critter.freebsd.dk> <199911172340.PAA23345@gndrsh.dnsmgr.net> <19991118042404X.shin@nd.net.fujitsu.co.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
Yoshinobu Inoue wrote: > If explicit needs for "multiple addrs per address family" are > not clear now, I would like to try to implement just adding > ip6_number member for this time. I think sockaddrs are better because it allows you to change to multiple IP-support without changing the interface again. Or you can add IPX (whatever) support without disturbing existing applications... I'd say (but I'm not a real hacker) make jail accept a list of sockaddrs and -for now- disallow anything except a single IPv4 and a single IPv6 address in that list. I'm now pretty sure multiple IPs per jail is a good idea, but you can easily defer implementation to some point in the future... Cheers, Jeroen -- Jeroen C. van Gelderen - jeroen@vangelderen.org Interesting read: http://www.vcnet.com/bms/ JLF To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3833E9AB.13864ECA>