From francis at thibault.org  Sat Feb 27 05:45:42 2010
From: francis at thibault.org (John Stracke)
Date: Sat, 27 Feb 2010 06:45:42 -0500
Subject: [Nailgun-users] Simple security idea
Message-ID: <1267271142.2848.6.camel@Nokia-N810-23-14>

A simple way to secure Nailgun would be to replace the TCP sockets with Unix domain sockets, at least on Unixoid platforms.  (I gather they're not included in Java; but the first Google hit on "Java Unix domain sockets" will find an implementation.) A Unix domain socket is bound into the filesystem, and access is controlled via ordinary file permissions; if you set it 600, then only the user that started it will be able to connect.

Not a complete solution--if you want to keep working over the network, you'll still need some security for TCP--but it'd be a start.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.martiansoftware.com/pipermail/nailgun-users_martiansoftware.com/attachments/20100227/10675273/attachment.html>