From: Jeff D. <jd...@ka...> - 2000-03-14 01:42:27
> The ethertap could be brought up once during host system boot and left
> until uml-linux is started. Just for example: Boot scripts bring up
> tap0 w/ 192.168.0.254, ptp -> 192.168.0.253, and add a route to .253.
> /dev/tap0 is given mode 660, owned by root/uml-group.

If you're doing serious network stuff, you'd want a bunch of them, and I'd be somewhat concerned about potentially locking out other ethertap users.

Also, the fact that both ends are configured at boot time before a uml runs means that the uml net setup scripts need to change to just accept whatever IP address the uml's /dev/tap has. It also means that the IP address needs to be read out of the network driver somehow and fed back into ifconfig so that the network layer knows its own IP address.

> The right to access host networking is now down to whether ./linux is
> able to read and write to a preconfigured /dev/tap0. Is that a more
> elegant approach?

It's better, but I'm not all that happy with it.

What security problems arise from letting normal users set the ptp address (assuming that address isn't already used) of an otherwise configured /dev/tap and letting them send and receive packets over it? That's what I'd really like to be able to do.

Jeff