[lcdproc] "named pipe" is different from/dev/lcdkernel code. :-)]
Chris Debenham - eSun Systems Engineer
chris.debenham@aus.sun.com
Fri, 23 Mar 2001 10:12:58 +1100
A point I was thinking about in relation to socket/named pipes is the idea of security.
Network sockets are by very nature in-secure (even with authentication there is still the chance of buffer overflows etc) so it may be a good idea to give the option of named pipes to those who need them, but use sockets for all others. By allowing sockets (and using tcp_wrappers) you would allow remote LCDs, remote clients etc but as long as there is the option to use named pipes security would be possible.
Another thought: can named pipes be NFS exported? In this way user-level security could be enforced by exporting it only to certain machine and with a suitable set of permissions. This would reduce the need for network sockets, but still allow remote access.
Chris
--
--------------------------------------------------------------------------------
,-_|\ Systems Engineer - eSun E-mail : chris.debenham@Aus.sun.com
/ \ Sun Microsystems Australia Pty Ltd. Direct : +61 (2) 9844 5188
\_,-\_* 828 Pacific Highway Phone : +61 (2) 9844 5000
v Gordon, N.S.W. 2072 Fax : +61 (2) 9844 5189
Mobile : +61 (40) 9844 514
--------------------------------------------------------------------------------
Nothing Is Foolproof To A Sufficiently Talented Fool.
-----------------------------------------------------------
To unsubscribe from this list send a blank message to
lcdproc-unsubscribe@lists.omnipotent.net