[Linux-cluster] Security in CMAN
guanxun mu
lyxmoo at gmail.com
Sun Dec 11 17:15:31 UTC 2005
IMO, there're lack security check in cman join/leave mechanism, that's means
a aborative udp packet made the cluster untrusted, if there's a manageable
authorization password input through proc entries, the wrong configured node
or the cracker without the cluster-extension authorized word will not bother
the cluster message passing. a simple memcmp calling in the beginning of
process_message will out sight of load.
sincerely Michael Moore
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-cluster/attachments/20051212/5aaf348f/attachment.htm>
More information about the Linux-cluster
mailing list