Re: [tipc-discussion] [PATCH net-next v2 4/6] tipc: convert configuration server with new sever fac

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Erik Hugne wrote:
>> With interfaces provided by the new server module, the remote management
>> now works very well.
>> So it's unnecessary to remove it. And I still think this is a very cool
>> and useful feature!
>
> I'm a little worried since remote mgmt doesnt require any authentication.
> Even though what you can change remotely is limited, you can still 
> view/alter the state of another node.
>
Yes, there is no any authentication for us using remote management. TIPC 
protocol is designed for communication with local machines within one 
cluster, so security is not its primary goal.
> We're adding IP based bearers soon, this might me a dangerous 
> combination..
> Or am i just being paranoid? :)
>
No, your concern is reasonable. Under internet circumstance security 
becomes very important for us. So if IP bearer is introduced, our 
situation will get different than before. But the good news is that the 
management function _only_ supports to _view_ its peer node state 
remotely by my understanding.

So if we are going to strengthen the security capability of TIPC, maybe 
it's better to consider a completely solution to do this.  For example, 
the remote management not only needs the authentication, but also the 
discovery protocol should also need when two links established.

In all, I think the remote management function can be remained. If 
security is very important for us one day, we can add an extra security 
module.
What do you think?

Regards,
Ying

> //E
>
>
>

Re: [tipc-discussion] [PATCH net-next v2 4/6] tipc: convert configuration server with new sever fac

Cluster wide IPC providing datagram, connection, and bus messaging

Re: [tipc-discussion] [PATCH net-next v2 4/6] tipc: convert configuration server with new sever facility