[bind10-dev] where and how do we plan to actually check ACLs?

JINMEI Tatuya / 神明達哉 jinmei at isc.org
Fri Jun 10 21:51:22 UTC 2011


Some short responses...

At Fri, 10 Jun 2011 18:16:00 +0200,
Jelte Jansen <jelte at isc.org> wrote:

> Looking at ticket #766, I started to wonder if anything had been decided as to
> the high-level issue of how we see acls work in general.
> 
> - From what I gathered in the jabber room, this is magically called
> somewhere, and it would appear there was a sort of unspoken
> consensus that this is done on the highest level within a
> module. I.e. a module gets a packet, runs it through one (compound)
> ACL, and if it passes, starts to actually process it. The ACL would
> contain all the needed information on whether whatever the sender
> tries to achieve is allowed.

I didn't think we had a consensus at this level of details, and I'm
not certain about many details.  In general, I think I agree that it's
better to separate the matching rules (whether a query comes from a
specific source address, whether it's signed with a specific key using
TSIG, etc) and specific actions (allow query/update, etc, discard the
query, with an error response or silently (=blackhole), etc).  I also
agree that the latter (actions) are more about user module's concern
than the core ACL module.

Of course, how specifically we implement the concept is a different
matter.

---
JINMEI, Tatuya



More information about the bind10-dev mailing list