Re: [pcp] New Option for pmlogger?

To:	Dave Brolley <brolley@xxxxxxxxxx>
Subject:	Re: [pcp] New Option for pmlogger?
From:	Nathan Scott <nathans@xxxxxxxxxx>
Date:	Thu, 20 Mar 2014 06:06:30 -0400 (EDT)
Cc:	pcp@xxxxxxxxxxx
Delivered-to:	pcp@xxxxxxxxxxx
In-reply-to:	<5329BB49.1050101@xxxxxxxxxx>
References:	<5329BB49.1050101@xxxxxxxxxx>
Reply-to:	Nathan Scott <nathans@xxxxxxxxxx>
Thread-index:	dMtIQgbD884iibevGuVPfTL1cggSKw==
Thread-topic:	New Option for pmlogger?

Hi Dave,

----- Original Message -----
> Hi,
> 
> During a recent irc discussion, Frank suggested the addition of an
> option to limit pmlogger to listening only the AF_UNIX socket for
> control connections. The idea is that the new simple authentication on
> that socket is of no use if a user can just go ahead and connect via
> inet or ipv6. It was also noted during the discussion that the same
> effect could be achieved using ACL, something like
> 
> [access]
> disallow .* : all;
> disallow :* : all;
> allow unix:* : enquire;
> 
> so the option would really just be a shortcut with the additional effect

Having both an option and the config for specifying access, seems like
it might introduce awkwardness wrt having to deal with ambiguities and
conflicting specifications?  If that's true then I'd vote for just the
config file specification I guess - one source of truth.

cheers.

--
Nathan

<Prev in Thread]	Current Thread	[Next in Thread>
New Option for pmlogger?, Dave Brolley Re: [pcp] New Option for pmlogger?, Nathan Scott <=

Previous by Date:	pcp updates: brolley merge (pmlc/pmlogger), qa, Nathan Scott
Next by Date:	pcp updates - assorted, Ken McDonell
Previous by Thread:	New Option for pmlogger?, Dave Brolley
Next by Thread:	fche/dev patches, Frank Ch. Eigler
Indexes:	[Date] [Thread] [Top] [All Lists]