author | Laurent Ghigonis <laurent@p1sec.com> | 2012-07-22 02:13:20 +0200 |
---|---|---|
committer | Laurent Ghigonis <laurent@p1sec.com> | 2012-07-22 02:13:20 +0200 |
commit | 8dbc8b226c89f78579b787f40b403b12ca756b97 (patch) | |
tree | 7ee7cf7e7c417a7e0b48098ea2afa8e13bafaa64 | |
parent | precise linux version (diff) | |
download | glouglou-8dbc8b226c89f78579b787f40b403b12ca756b97.tar.xz glouglou-8dbc8b226c89f78579b787f40b403b12ca756b97.zip |
add "Notes on architecture and security" section
-rw-r--r-- | glougloud/README.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/glougloud/README.txt b/glougloud/README.txt index 7bdda58..8a8c702 100644 --- a/glougloud/README.txt +++ b/glougloud/README.txt @@ -31,3 +31,21 @@ nc -vvv -u 127.0.0.1 4430 |hexdump -C You get informations of traffic flowing on the monitored interface. + +=== Notes on architecture and security === + +glougloud is architectured in 3 processes: + * main process, runs as root, opens the capture interfaces with +libpcap and resolves DNS names + * server process, runs as _glougloud user and chrooted in _glougloud +home, listens and accepts or refuses clients connections + * user process, runs as _glougloud user and chrooted in _glougloud +home, parses the captured network traffic and sends a summary to the +connected clients + +The 3 processes exchanges messages througt messages, with OpenBSD imsg +framework. + +Note that glougloud activates extra protections on pcap capture only +on OpenBSD by reimplementing some of libpcap functions, see +glougloud.c my_pcap_open_live() |
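Review bot: The closing note says the extra pcap capture protections are activated "only on OpenBSD" but never names them or says what the capture path looks like on other platforms, so a reader on another system cannot judge how exposed the root-owned main process is. Suggest one sentence listing what my_pcap_open_live() adds and one stating what is absent elsewhere. In the process list, it would also help to say which messages the root main process accepts from the two chrooted _glougloud processes, since it is described as resolving DNS names while the user process is the one parsing captured traffic. Wording: "The 3 processes exchanges messages througt messages, with OpenBSD imsg framework" has a typo and a repeated word and could read "The 3 processes exchange messages through the OpenBSD imsg framework"; "clients connections" should be "client connections", and "is architectured in" reads better as "is split into".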