tech-net: Re: per-process socket security settings

Subject: Re: per-process socket security settings
To: Erik E. Fair <fair@clock.org>
From: None <itojun@iijlab.net>
List: tech-net
Date: 03/12/2001 07:48:46

>I bet that Netscape would fail, though, DNS aside. Some remote web 
>servers will do IPsec, but most won't (today). That's an example of 
>an application that does lots of transactions with lots of different 
>hosts, with many different security policies.

	that is why we have "use" kernel policy.

itojun