netfilter-devel April 2010 archive
Main Archive Page > Month Archives  > netfilter-devel archives
netfilter-devel: Re: [PATCH 1/2] netfilter: xtables: inclusion o

Re: [PATCH 1/2] netfilter: xtables: inclusion of xt_SYSRQ

From: Patrick McHardy <kaber_at_nospam>
Date: Wed Apr 21 2010 - 13:17:00 GMT
To: Jan Engelhardt <jengelh@medozas.de>

Jan Engelhardt wrote:
> On Wednesday 2010-04-21 14:59, Patrick McHardy wrote:
>
>> Jan Engelhardt wrote:
>>> The SYSRQ target will allow to remotely invoke sysrq on the local
>>> machine. Authentication is by means of a pre-shared key that can
>>> either be transmitted plaintext or digest-secured.
>> I really think this is pushing what netfilter is meant for a bit
>> far. Its basically abusing the firewall ruleset to offer a network
>> service.
>>
>> I can see that its useful to have this in the kernel instead of
>> userspace, but why isn't this implemented as a stand-alone module?
>> That seems like a better design to me and also makes it more useful
>> by not depending on netfilter.
>
> That sort of diverts from the earlier what-seemed-to-be-consensus.
>
> Oh well, I would not mind holding the single commit up as long as the
> rest isn't blocked too :-)

Then lets skip this one for now.
-- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html