search

vagrant-smartos / vagrant-smartos-zones

Manage SmartOS local zones in Vagrant
MIT License
54 stars 9 forks source link

zone config should allow ip spoofing #3

Closed sax closed 9 years ago

sax commented 9 years ago

You should be able to specify in a Vagrantfile that a zone allows ip spoofing. This would add a field to the json passed to vmadm when the zone is created.

tylerflint commented 9 years ago

I wonder, is there any harm in allowing ip spoofing all the time? Seems like any risk here would be mitigated simply by being a Vagrant environment.

bixu commented 9 years ago

I think the first order of business should be to give SmartOS users what Linux users would have. And I don’t think a default Linux install will prevent IP spoofing.

Adding controls for that could happen later?

On Oct 6, 2014, at 6:05 PM, Tyler Flint notifications@github.com wrote:

I wonder, is there any harm in allowing ip spoofing all the time? Seems like any risk here would be mitigated simply by being a Vagrant environment.

— Reply to this email directly or view it on GitHub https://github.com/vagrant-smartos/vagrant-smartos-zones/issues/3#issuecomment-58040695.

sax commented 9 years ago

Sounds good. It's a simple change to the zone creation json. Someone want to make/merge a pull request? I'll be back near a computer this evening and can do so otherwise.

tylerflint commented 9 years ago

I don’t have a chance to get this today. If you haven’t by tomorrow I can get it then.

Thanks

On Oct 6, 2014, at 2:13 PM, Eric Saxby notifications@github.com wrote:

Sounds good. It's a simple change to the zone creation json. Someone want to make/merge a pull request? I'll be back near a computer this evening and can do so otherwise.

Sent from my iPhone

On Oct 6, 2014, at 10:07 AM, Blake Irvin notifications@github.com wrote:

I think the first order of business should be to give SmartOS users what Linux users would have. And I don’t think a default Linux install will prevent IP spoofing.

Adding controls for that could happen later?

On Oct 6, 2014, at 6:05 PM, Tyler Flint notifications@github.com wrote:

I wonder, is there any harm in allowing ip spoofing all the time? Seems like any risk here would be mitigated simply by being a Vagrant environment.

— Reply to this email directly or view it on GitHub < https://github.com/vagrant-smartos/vagrant-smartos-zones/issues/3#issuecomment-58040695>.

— Reply to this email directly or view it on GitHub https://github.com/vagrant-smartos/vagrant-smartos-zones/issues/3#issuecomment-58040972 . — Reply to this email directly or view it on GitHub.

sax commented 9 years ago

I'm pushing this on the zonegate branch for now, as it's so far ahead of master. Hopefully will be able to merge in the branch this week.