| Nick Gordon | 221531c | 2017-06-08 11:44:45 -0500 | [diff] [blame] | 1 | \section{NFD RIB Command Processor} |
| 2 | \label{sec:nfd-rib-commands} |
| 3 | |
| 4 | The NFD RIB Command Processor allows modification of NLSR's advertised |
| 5 | name prefixes using NFD's RibMgmt commands. Such commands may |
| 6 | originate from something like NFD's Readvertise module, which permits |
| 7 | routes inserted in NFD to be propagated through to NLSR, so that NLSR |
| 8 | can provide routing support for them. |
| 9 | |
| 10 | \subsection{Advertising and Withdrawing Routes} |
| 11 | The processor accepts valid RibMgmt commands that have the name prefix |
| 12 | to manipulate the origin of the route specified. No other validation |
| 13 | is performed, as stated below. |
| 14 | |
| 15 | The processor does not send any kind of response to commands. |
| 16 | |
| 17 | \subsection{Security} |
| 18 | Any RibMgmt commands received on the \texttt{/localhost/nlsr/rib} |
| 19 | prefix are considered secure, and are processed. This introduces a |
| 20 | security hole because anyone who can send a RibMgmt command on this |
| 21 | prefix can arbitrarily manipulate NLSR's advertised prefixes. However, |
| 22 | because sending commands to this prefix requires root access, a |
| 23 | would-be attacker will already have root access locally. |