Jun-ichiro itojun Hagino wrote: >>>> it can be application-specific, without application modification. >>>> check out "systrace" by Niels Provos. >>>> >>>> >> it's useful but it really isn't flexible enough to remove the need for >> applications to be able to specify policies. >> > > i wonder how many command line options will be added to the > applications once you start adding up policy stuff... sendmail.cf > lookalike for every apps? > well, I do think we need a policy specification language that lets policies for use of the network be specified independently of the application. I just don't think it will be sufficient for all applications. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf