LCE: Challenges for Linux networking

Posted Nov 8, 2012 11:40 UTC (Thu) by gb (subscriber, #58328)
Parent article: LCE: Challenges for Linux networking

What is the meaning of 'application' in a Unix environment? A particular process? A process created from a particular file? From a set of files? What is the point of such a "firewall" if applications are not in a sandbox?

It's interesting why all these 'mobile' articles by happy NetworkManager users are full of such frustrating concepts, not well thought out, not the UNIX way.

Linux is based on very well established standards, like POSIX or System V. Now when something should be added, everything goes through a childish approach of "we need x, let's add y" without investigating whether y is really the best solution to solve x. That's why replacing sysvinit with systemd is a problem, and this article looks like praising an attempt to replace network with something out of Windows-oriented minds, overcomplicated, not well thought out, and based on weak concepts of "per-application firewall". Makes me worry about Linux's future.


LCE: Challenges for Linux networking

Posted Nov 8, 2012 13:00 UTC (Thu) by vonbrand (subscriber, #4458)

The "Oh so badly thought out, unavailable in $OTHER_OS, so useless" Linux control groups should get their own network gunk, so they can set their own configuration. Sure, that means rearchitecting most of the network handling (from user commands and configuration files living in /etc all the way down to the kernel's network stack). Sorry, but Unix networking was a poorly integrated kludge, and the Internet was supposed to connect machines (not individual processes), assuming a civilized environment (no script kiddies nor outright criminals out to get at your bank account). And yes, the only sane way to go about this I can see is to integrate it in your despised systemd.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds