tech-net: Re: per-process socket security settings

Subject: Re: per-process socket security settings
To: Erik E. Fair <fair@clock.org>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: tech-net
Date: 03/09/2001 14:51:48

Erik,

> What about the DNS transaction to get the IP address of "peer"?

The per-process policy rules set up by the hypothetical "secure"
program could include an exemption for DNS ports.