Jun-ichiro itojun Hagino wrote:
it can be application-specific, without application modification.
check out "systrace" by Niels Provos.
it's useful but it really isn't flexible enough to remove the need for
applications to be able to specify policies.
i wonder how many command line options will be added to the
applications once you start adding up policy stuff... sendmail.cf
lookalike for every apps?
well, I do think we need a policy specification language that lets
policies for use of the network be specified independently of the
application. I just don't
think it will be sufficient for all applications.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf