Use a control socket directory to restrict access
authorScott Lamb <slamb@slamb.org>
Thu, 8 Nov 2007 19:18:44 +0000 (19:18 +0000)
committerScott Lamb <slamb@slamb.org>
Thu, 8 Nov 2007 19:18:44 +0000 (19:18 +0000)
commitfe2f1fceb546ca4326435cac26bcf3f513e82b43
treef9cb22cf0bf3ce7fadc4553fe86035dbb4074ee7
parentb1f8c65a2cfa307d9b8ed8cc3c8d4819f605e4f6
Use a control socket directory to restrict access

This provides reasonable security even on Solaris. The sysadmin is
responsible for securing the control socket's ancestors from the
grandparent on.

We could add a cryptographic handshake later if desired.
src/control.c
src/control_common.h
src/tincctl.c
src/tincd.c