(Illustration by Gaich Muramatsu)
On Sat, Feb 26, 2000 at 10:55:38AM -0500, Robert Watson wrote: > Greg, > > Sounds great, and a far cry improvement over today's Coda.. IPsec can > solve many but not all of the Coda security problems. It cannot address > the issue of untrusted clients--if you limit connectivity to IPsec pairs, > then those pairs are completely trusted. Access to a token is sufficient > to reveal the server secret, so any user with access can create tokens for > any other user. It also doesn't protect the client from use of the Mariner > port, and as we use a portmapper and dynamic port allocation, identifying > Coda ports is more difficult than it used to be. The mariner port has already moved to a unix domain socket, which is slightly more secure than an open tcp port. The portmapper is more difficult. But it is only used by the updateclnt/updatesrv, which are in turn only used to syncronize the files in /vice/db and that (+ notifying the servers of updates) could be done using rdist over ipsec or some ssh/ssl tunnel. JanReceived on 2000-02-26 14:53:10