Re: Restricting access to certain network interfaces for certain users

On Sun, 2005-01-16 at 12:12, Straxus wrote:

> I'm trying to limit which network interfaces a given user can access.
> I have two network cards (eth0 and eth1), and I've set up all sorts of
> virtual interfaces (eth0:0, eth0:1, etc) to give the cards multiple IP
> addresses.

I don't have a solution, but I've always considered it a bizarre
departure from the unix security model that Linux does not have
an underlying device in the filesystem with associated owner/group
that has to be opened before gaining access to the network.  Does
anyone know the history of this omission?  I wouldn't expect this
to apply to individual interfaces, but I thought that SysV had
something like /dev/tcp where permissions were applied.

-- 
  Les Mikesell
   les@xxxxxxxxxxxxxxxx



