From owner-freebsd-security  Sat Sep 18 23:55:54 1999
Delivered-To: freebsd-security@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP id 4947B15223
	for <security@FreeBSD.ORG>; Sat, 18 Sep 1999 23:55:46 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.2) with ESMTP id IAA14674;
	Sun, 19 Sep 1999 08:53:06 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: Matthew Dillon <dillon@apollo.backplane.com>
Cc: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>,
	imp@village.org (Warner Losh), liam@tiora.net (Liam Slusser),
	kdrobnac@mission.mvnc.edu (Kenny Drobnack),
	Harry_M_Leitzell@cmu.edu (Harry M. Leitzell), security@FreeBSD.ORG
Subject: Re: BPF on in 3.3-RC GENERIC kernel 
In-reply-to: Your message of "Sat, 18 Sep 1999 23:34:26 PDT."
             <199909190634.XAA68995@apollo.backplane.com> 
Date: Sun, 19 Sep 1999 08:53:06 +0200
Message-ID: <14672.937723986@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


Final email from here:

Matt, you have not done anything to show that changing the ip_number
field to a sockaddr will be enough to support IPv6 or any other
protocol in the future.  Remember that IPv4 is a very simple
protocol, most others are not, in particular IPv6 it seems.

I do not see a reason to change an interface which is already
deployed, and which have been so for more than 1.5 years, "just in
case it might be enough to support IPv6."

I will therefore not make any changes to the jail(2) syscalls
arguments until such time as we know what arguments will actually
be needed for jail(2) under IPv6, or any other protocol for that
matter. 

Poul-Henning

In message <199909190634.XAA68995@apollo.backplane.com>, Matthew Dillon writes:
>
>:You have not proved or even shown that changing this particular
>:element will be enough to guarantee that we can support other
>:protocols in the future.
>:
>:The only thing that can be done to the jail(2) syscall to improve
>:it in that respect is to add a version number as the first element,
>:I would have no problem with that.
>:
>:--
>:Poul-Henning Kamp             FreeBSD coreteam member
>
>    Well, I see it quite differently.  I believe I have given ample
>    justification for asking that the system call be cleaned up before it
>    is exposed to wider use.  You're making a blanket comments saying
>    "Matt hasn't proved..." and not even trying to address the issues 
>    brought up doesn't really pull any weight with me.  Try addressing
>    the issues that were brought up instead.
>
>					-Matt
>					Matthew Dillon 
>					<dillon@backplane.com>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
>

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message