Named listen addresses in VCL
Poul-Henning Kamp
phk at phk.freebsd.dk
Mon Jul 4 17:39:13 CEST 2016
In message <CABoVN9BRpGPUoQxO3k1s7FKWQNT0hwHe5ez9nSFNpj0o14+pcg at mail.gmail.com>, Dridi Boukelmoune writes:
>I don't understand, the use cases I'm suggesting are as "unsafe" as
>relying on ACLs with either client.ip or server.ip.
With your suggestion, any traffic coming through a particular
listen address would be trusted, even if that traffic does not
have anything to do on that particular subnet.
>You have the same problem if anything matching one of your ACLs
>trusted address is compromised.
There is a big difference between hijacking the IP of a server in
use, which is likely to trigger alarms, and being able to attack
using any IP going in through a particular interface.
Neither is watertight, but I don't see "convenience" as a valid argument
for increasing the sizes of the holes.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
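The distinction drawn in this message can be made concrete in VCL. The snippet below is an added example and is not code from the thread or from the Varnish project: it shows an ACL that ties trust to both the client address and the address Varnish accepted the connection on, rather than to an entire listen interface. The subnet, the listen address and the use of PURGE as the privileged operation are constructed assumptions.

```vcl
vcl 4.0;

# Constructed example: a privileged operation (PURGE) is permitted only
# when the request comes from a specific internal subnet AND arrived on
# a specific listen address. Matching on client.ip alone would trust any
# host on the subnet; matching on server.ip alone would trust everything
# that reaches that interface, which is the hole discussed above.

acl purgers {
    "10.0.0.0"/24;      # constructed: internal management subnet
}

acl internal_listen {
    "10.0.0.5";         # constructed: address of the internal-facing listen socket
}

sub vcl_recv {
    if (req.method == "PURGE") {
        # Both conditions must hold; a hijacked address on the wrong
        # socket, or the right socket with a foreign source, is refused.
        if (client.ip ~ purgers && server.ip ~ internal_listen) {
            return (purge);
        }
        return (synth(405, "PURGE not allowed from this address"));
    }
}
```

Checking server.ip in addition to client.ip narrows the trusted set to the intersection of the two, which is the opposite of granting trust to everything that arrives through one listen address.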