Re: [RFC] Fast-user-switching plans



On 28/05/2010 09:16, Simon Geard wrote:

>> Simply because IP is not designed like this at all. NetworkManager's
>> scope is to make IP networking easy; not to re-invent the Internet.
> 
> Actually, couldn't something be done with Netfilter rules? The
> connection (a VPN, say) might technically be system-wide, but with rules
> enforcing that only applications running as a certain user could send
> and receive packets on it? Perhaps imperfect, but a starting point...

Sockets have owners, but I doubt very much you can extend that to
packets. The "end-to-end principle" strikes again. So this rules out
Netfilter I am afraid.

On the other hand, maybe SELinux or POSIX capabilities could do
something at the socket level.



