[bind10-dev] where and how do we plan to actually check ACLs?
JINMEI Tatuya / 神明達哉
jinmei at isc.org
Fri Jun 10 21:51:22 UTC 2011
Some short responses...
At Fri, 10 Jun 2011 18:16:00 +0200,
Jelte Jansen <jelte at isc.org> wrote:
> Looking at ticket #766, I started to wonder if anything had been decided as to
> the high-level issue of how we see acls work in general.
>
> - From what I gathered in the jabber room, this is magically called
> somewhere, and it would appear there was a sort of unspoken
> consensus that this is done on the highest level within a
> module. I.e. a module gets a packet, runs it through one (compound)
> ACL, and if it passes, starts to actually process it. The ACL would
> contain all the needed information on whether whatever the sender
> tries to achieve is allowed.
I didn't think we had a consensus at this level of detail, and I'm
not certain about many details. In general, I think I agree that it's
better to separate the matching rules (whether a query comes from a
specific source address, whether it's signed with a specific key using
TSIG, etc.) and specific actions (allow query/update, etc., discard the
query, with an error response or silently (=blackhole), etc.). I also
agree that the latter (actions) are more the user module's concern
than the core ACL module's.
Of course, how specifically we implement the concept is a different
matter.
---
JINMEI, Tatuya