Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sun, 17 Nov 2002 18:45:37 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sun, 17 Nov 2002 18:45:37 -0500 Received: from ns.suse.de ([213.95.15.193]:33802 "EHLO Cantor.suse.de") by vger.kernel.org with ESMTP id ; Sun, 17 Nov 2002 18:45:36 -0500 To: ebiederm@xmission.com (Eric W. Biederman) Cc: linux-kernel@vger.kernel.org Subject: Re: lan based kgdb References: <1037490849.24843.11.camel@irongate.swansea.linux.org.uk.suse.lists.linux.kernel> <20021116193008.C25741@work.bitmover.com.suse.lists.linux.kernel> <200211180725.27450.bhards@bigpond.net.au.suse.lists.linux.kernel> From: Andi Kleen Date: 18 Nov 2002 00:52:36 +0100 In-Reply-To: ebiederm@xmission.com's message of "17 Nov 2002 22:33:07 +0100" Message-ID: X-Mailer: Gnus v5.7/Emacs 20.6 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 736 Lines: 12 ebiederm@xmission.com (Eric W. Biederman) writes: > I agree that you cannot do a perfect job. The goal is to get something > that is good enough so that it can be enabled and not give an automatic root > exploit if someone accidentally leaves it on at the wrong time. You can always use a simple mac / shared secret scheme. Just use HMAC on each packet. The kernel has all the needed code in crypto/ now. May not be military grade, but should be good enough to stop most attacks. -Andi - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/