[Nailgun-users] Simple security idea

[John Stracke]

A simple way to secure Nailgun would be to replace the TCP sockets with Unix domain sockets, at least on Unixoid platforms.  (I gather they're not included in Java; but the first Google hit on "Java Unix domain sockets" will find an implementation.) A Unix domain socket is bound into the filesystem, and access is controlled via ordinary file permissions; if you set it 600, then only the user that started it will be able to connect.

Not a complete solution--if you want to keep working over the network, you'll still need some security for TCP--but it'd be a start.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.martiansoftware.com/pipermail/nailgun-users_martiansoftware.com/attachments/20100227/10675273/attachment.html>