From: ebiederm@xmission.com (Eric W. Biederman)
To: Jamie Lokier
Cc: Larry McVoy, Alan Cox, Linux Kernel Mailing List
Subject: Re: lan based kgdb
Date: 17 Nov 2002 13:31:57 -0700
In-Reply-To: <20021117201026.GB1851@bjl1.asuk.net>
References: <1037490849.24843.11.camel@irongate.swansea.linux.org.uk> <20021116193008.C25741@work.bitmover.com> <20021117201026.GB1851@bjl1.asuk.net>
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.1

Jamie Lokier writes:

> Eric W. Biederman wrote:
> > As long as the network console/debug interface includes a basic
> > check to verify that the packets it accepts are from the local network,
> > and its outgoing packets have a TTL of one, I don't have a problem.
>
> Is there a working network console?  It would be _great_ to have a
> network console to my _remote_ server, far far away on the internet.

There are bits and pieces, and a lan based kgdb is basically the same
problem security-wise.

When you allow any kind of control, the security cannot be in the console
protocol.  Therefore it can only be used on a trusted lan and only talk
to local addresses.  At the same time, if you have two remote machines on
that trusted lan you can use one to control the other, knowing that a
root exploit on one likely becomes a root exploit on both.

And whether or not we have one at the moment, it is an active area of
research.  We just need to get a usable security model.  And I think
enforcing that the console be on a secure lan where every connected
machine is trusted is a good first draft, at the latter.

So I do not think this is the kind of thing that will help if you only
have one _remote_ server, far far away on the internet, but when you
start getting a collection of them it may help.

Eric
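The two checks Eric's mail asks of a network console, a source-address filter that only accepts packets from the local subnet and an outgoing TTL of one, sketched in C as an added example. This is not code from the mail thread or from the kernel's own kgdb or netconsole; it assumes IPv4, a single interface address and netmask (the `struct local_net` type is hypothetical), and the POSIX socket API. The filter also rejects the network address, the subnet broadcast and the interface's own address, since none of those is a legitimate unicast peer.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical description of the interface the console listens on.
 * Both fields are in host byte order. */
struct local_net {
    uint32_t addr;   /* interface address */
    uint32_t mask;   /* netmask */
};

/* Parse a dotted-quad string into a host-order integer; 0 on success. */
static int parse_ipv4(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return -1;
    *out = ntohl(a.s_addr);
    return 0;
}

/* Inbound check: accept a packet only if its source is on the local subnet
 * and is an actual host address there.  The network address and the subnet
 * broadcast are not valid unicast peers, and our own address is not a peer
 * either.  Returns 1 to accept, 0 to drop. */
int accept_source(const struct local_net *net, uint32_t src)
{
    uint32_t network   = net->addr & net->mask;
    uint32_t broadcast = network | ~net->mask;

    if ((src & net->mask) != network)
        return 0;                    /* off-link source: never accept */
    if (src == network || src == broadcast)
        return 0;
    if (src == net->addr)
        return 0;
    return 1;
}

/* Same check driven from strings; -1 if any address fails to parse. */
int accept_source_str(const char *local, const char *mask, const char *src)
{
    struct local_net net;
    uint32_t s;

    if (parse_ipv4(local, &net.addr) || parse_ipv4(mask, &net.mask) ||
        parse_ipv4(src, &s))
        return -1;
    return accept_source(&net, s);
}

/* Outbound side: set IP_TTL to 1 so nothing the console emits survives
 * past the first router.  Reads the option back and returns the TTL in
 * effect, or -1 if the socket calls fail. */
int restrict_to_one_hop(int fd)
{
    int ttl = 1;
    socklen_t len = sizeof ttl;

    if (setsockopt(fd, IPPROTO_IP, IP_TTL, &ttl, sizeof ttl) < 0)
        return -1;
    ttl = 0;
    if (getsockopt(fd, IPPROTO_IP, IP_TTL, &ttl, &len) < 0)
        return -1;
    return ttl;
}

int main(void)
{
    /* Constructed sample: console on 192.168.1.10/24. */
    const char *local = "192.168.1.10", *mask = "255.255.255.0";
    const char *samples[] = { "192.168.1.20", "192.168.2.20",
                              "192.168.1.255", "192.168.1.10" };
    int fd, ttl;

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-14s -> %s\n", samples[i],
               accept_source_str(local, mask, samples[i]) == 1 ? "accept" : "drop");

    fd = socket(AF_INET, SOCK_DGRAM, 0);
    ttl = fd < 0 ? -1 : restrict_to_one_hop(fd);
    printf("outgoing ttl: %d\n", ttl);
    if (fd >= 0)
        close(fd);
    return 0;
}
```

The subnet test is a mask comparison, so it is only as good as the interface configuration it is given: a netmask of 0.0.0.0 would make every address "local", which is one reason the mail treats the filter as a first draft that still relies on every machine on that lan being trusted.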