... | ... | @@ -85,7 +85,7 @@ Kea 1.9.2 introduced a new `auth` hook point. With this new hook point it is now |
|
|
|
|
|
## Control channel security
|
|
|
|
|
|
The three primary Kea deamons (`kea-dhcp4`, `kea-dhcp6` and `kea-dhcp-ddns`) all support a control channel, which is implemented as UNIX socket. The control channel is disabled by default, but most configuration examples have it enabled as it's a very popular feature. It opens a UNIX socket. To read from or write to this socket, generally root access is required, although if Kea is configured to run as non-root, the owner of the process can write to it. Access can be controlled using normal access control on POSIX systems (owner, group, others, read/write).
|
|
|
The three primary Kea deamons (`kea-dhcp4`, `kea-dhcp6` and `kea-dhcp-ddns`) all support a control channel, which is implemented as UNIX socket. The control channel is disabled by default, but most configuration examples have it enabled as it's a very popular feature. It opens a UNIX socket. To read from or write to this socket, generally root access is required, although if Kea is configured to run as non-root, the owner of the process can write to it. Access can be controlled using normal file access control on POSIX systems (owner, group, others, read/write).
|
|
|
|
|
|
|
|
|
# 3. Managing Software Vulnerabilities
|
... | ... | |