[Linux-cluster] Security in CMAN
lyxmoo at gmail.com
Sun Dec 11 17:15:31 UTC 2005
IMO, there're lack security check in cman join/leave mechanism, that's means
a aborative udp packet made the cluster untrusted, if there's a manageable
authorization password input through proc entries, the wrong configured node
or the cracker without the cluster-extension authorized word will not bother
the cluster message passing. a simple memcmp calling in the beginning of
process_message will out sight of load.
sincerely Michael Moore
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Linux-cluster