durusmail: qp: Re: [QP] specifying host for scgi, durus, etc.
specifying host for scgi, durus, etc.
2006-03-30
mario ruggier
2006-03-30
David Binger
Re: specifying host for scgi, durus, etc.
2006-03-31
Michael Watkins
2006-03-31
mario ruggier
2006-03-31
David Binger
2006-03-31
mario ruggier
2006-03-31
David Binger
2006-03-31
mario ruggier
2006-04-01
mario ruggier
2006-04-01
David Binger
2006-04-01
mario ruggier
2006-04-01
David Binger
2006-04-01
mario ruggier
2006-04-01
David Binger
2006-04-01
David Binger
2006-04-02
mario ruggier
Re: [QP] specifying host for scgi, durus, etc.
David Binger
2006-04-01
On Apr 1, 2006, at 9:37 AM, mario ruggier wrote:

> By this you mean that if I know that there is a durus server
> running on machine:1234 then I can start my own durus client, and
> do what I will? Yes, I can see this as a real problem.

Yes.  That's what I mean.

>
> So, if we are unable to guarantee that the durus port is private,
> then we must either have some sort of client authentication...
> which would be very annoying. But maybe having a simple list of
> hosts (server init parameter) from which clients are allowed to
> connect, would be enough? And, I guess with default being localhost.

I think we need to add to Durus an option to use
Unix Domain sockets.   I hope that those can be
kept private, even on a FreeBSD virtual host.
reply