<div dir="ltr">Hi Daniel,<div style><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Apr 15, 2013 at 5:14 AM, Daniel Lezcano <span dir="ltr"><<a href="mailto:daniel.lezcano@free.fr" target="_blank">daniel.lezcano@free.fr</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div class="im">On 04/15/2013 07:53 AM, S.Çağlar Onur wrote:<br>
> Hi Daniel,<br>
><br>
><br>
> On Sun, Apr 14, 2013 at 4:42 PM, Daniel Lezcano<br>
</div><div><div class="h5">> <<a href="mailto:daniel.lezcano@free.fr">daniel.lezcano@free.fr</a> <mailto:<a href="mailto:daniel.lezcano@free.fr">daniel.lezcano@free.fr</a>>> wrote:<br>
><br>
> On 04/14/2013 09:56 PM, S.Çağlar Onur wrote:<br>
> > Hi all,<br>
> ><br>
> > I had some free time today so I tried to implement something using<br>
> > AF_INET messages over loopback broadcast address. I'm not including<br>
> > the patch here because gmail web interface damages it and that's<br>
> what<br>
> > I use right now so please use [1] to see it.<br>
> ><br>
> > I'm sending it to get your feedback and will submit it to list<br>
> if you<br>
> > are OK with that approach.<br>
> ><br>
> > P.S: I used 51423 as the port but of course it can be changed<br>
> > accordingly.<br>
> ><br>
> > [1]<br>
> ><br>
> <a href="https://github.com/caglar10ur/lxc-upstream/commit/123b20e2945ed2b4bc9e6e27b9ef398ec8fcae40.patch" target="_blank">https://github.com/caglar10ur/lxc-upstream/commit/123b20e2945ed2b4bc9e6e27b9ef398ec8fcae40.patch</a><br>
><br>
> Thanks for this code !<br>
><br>
> It sounds like the approach seems ok. My concern is the same than<br>
> Serge,<br>
> what can we do to ensure an event was sent by a container ?<br>
><br>
> We don't want someone to send fake events via UDP. We can't tolerate a<br>
> simple program messing a container supervisor and all the containers<br>
> (running an OS instance).<br>
><br>
> Assuming an user, which is not root, can't build an IP packet, we can<br>
> rely on the IP identification number to detect fake packets, no ?<br>
><br>
><br>
> I'm not sure about the right answer of that question. I was under the<br>
> impression that we are safe since kernel only allows root user to send<br>
> broadcast packages over loopback interface but I might<br>
> be completely wrong.<br>
<br>
</div></div>I don't find a confirmation about this anywhere. Do you have a pointer ?<br>
If it is the case, then that's cool because we are safe on this side.<br></blockquote><div><br></div><div><div>Unfortunately I don't have any but I'll try to write a test client to see what will happen. What should we do if that's not the case? I'm not a security guy at all so I really don't know whether just checking the sequence numbers will be sufficient or something more sophisticated is needed to ensure the authenticity of the messages.</div>
</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Is your code tested ? I mean, did you validate monitoring the events<br>
works with this approach ?<br></blockquote><div><br></div><div style>I tested lxc-monitor and lxc-wait briefly with this code. On one terminal I start 9 containers in parallel while running lxc-monitor and lxc-wait in another one</div>
<div style><br></div><div style><div>caglar@qgq:~/Project/lxc/examples$ sudo ./concurrent_start </div><div>Starting the container (3)...</div><div>Starting the container (7)...</div><div>Starting the container (0)...</div>
<div>Starting the container (1)...</div><div>Starting the container (2)...</div><div>Starting the container (8)...</div><div>Starting the container (4)...</div><div>Starting the container (5)...</div><div>Starting the container (9)...</div>
<div>Starting the container (6)...</div><div><br></div><div><div>caglar@qgq:~$ sudo lxc-monitor -n [0-9]</div><div>'3' changed state to [STARTING]</div><div>'0' changed state to [STARTING]</div><div>'7' changed state to [STARTING]</div>
<div>'1' changed state to [STARTING]</div><div>'2' changed state to [STARTING]</div><div>'8' changed state to [STARTING]</div><div>'4' changed state to [STARTING]</div><div>'5' changed state to [STARTING]</div>
<div>'9' changed state to [STARTING]</div><div>'6' changed state to [STARTING]</div><div>'3' changed state to [RUNNING]</div><div>'9' changed state to [RUNNING]</div><div>'7' changed state to [RUNNING]</div>
<div>'2' changed state to [RUNNING]</div><div>'5' changed state to [RUNNING]</div><div>'6' changed state to [RUNNING]</div><div>'4' changed state to [RUNNING]</div><div>'0' changed state to [RUNNING]</div>
<div>'8' changed state to [RUNNING]</div><div>'1' changed state to [RUNNING]</div></div><div><br></div><div><div>caglar@qgq:~$ sudo lxc-wait -n 0 -s RUNNING</div><div>caglar@qgq:~$ </div><div><br></div></div>
</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Thanks<br>
<span class=""><font color="#888888"> -- Daniel<br>
<br>
</font></span></blockquote></div><br clear="all"><div style>Best,</div>-- <br>S.Çağlar Onur <<a href="mailto:caglar@10ur.org">caglar@10ur.org</a>>
</div></div>