Casper.Dik@Sun.COM napisal(a):
>
> That's a very "big" question as it covers many OSes.
>
> In Solaris, outgoing packets do carry quite a bit of information
> (process credential and often the process ID)
[...]
> It seems that in many OSes, such decisions would need to be made
> at a higher level, e.g., in the connect() or sendto() system calls.
Actually, I need it on Solaris 9. Can you point me to some ideas?
And I'm still curious if it's possible to use "auth" and/or "preauth" rules
in ipfilter in some way to achieve this? They are undocumented, and I don't
know what can they be used for...
Regards,
Jaroslaw Rafa
raj@ap.krakow.pl
--
Spam, wirusy, spyware... masz dość? Jest alternatywa!
http://www.firefox.pl/ --- http://www.thunderbird.pl/
Szybciej. Łatwiej. Bezpieczniej. Internet tak jak lubisz.
|