projects / tinc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b1f8c65) | patch
Use a control socket directory to restrict access
authorScott Lamb <slamb@slamb.org>
Thu, 8 Nov 2007 19:18:44 +0000 (19:18 +0000)
committerScott Lamb <slamb@slamb.org>
Thu, 8 Nov 2007 19:18:44 +0000 (19:18 +0000)
commitfe2f1fceb546ca4326435cac26bcf3f513e82b43
treef9cb22cf0bf3ce7fadc4553fe86035dbb4074ee7tree | snapshot
parentb1f8c65a2cfa307d9b8ed8cc3c8d4819f605e4f6commit | diff
Use a control socket directory to restrict access

This provides reasonable security even on Solaris. The sysadmin is
responsible for securing the control socket's ancestors from the
grandparent on.

We could add a cryptographic handshake later if desired.
src/control.c diff | blob | history
src/control_common.h diff | blob | history
src/tincctl.c diff | blob | history
src/tincd.c diff | blob | history
tinc, the VPN daemon