[zeromq-dev] ZMQ and the internet - desired/necessary features

Ian Barber ian.barber at gmail.com
Mon Oct 22 01:10:28 CEST 2012


On Sun, Oct 21, 2012 at 7:57 AM, Merijn Verstraaten <merijn at inconsistent.nl> wrote:

> Hello again!
>
> Yesterday I sent an email about doing authenticated PUBSUB by having a
> server side thread per client; however, after some thinking I realised
> there are more issues with using ZMQ on the internet and some more in-depth
> fixing might be desirable.
>
> The issue with using ZMQ on the internet (or any untrusted network,
> really) is that anyone can just download the library and connect all sorts
> of untrusted code to your infrastructure that can mess with it in all sorts
> of undesirable ways. Some specific issues:


As well as the normal IP level filtering/firewalling, there is currently
the flexibility to specify TCP accept parameters, with the
sockopt ZMQ_TCP_ACCEPT_FILTER. That gives you some broad filtering of who
can connect, which would be good enough for many situations.

For your case (a connected, valid client starts doing Bad Things) I would
say for PUB/SUB there is only a HWM controllable risk, but for ROUTER there
would be value in being able to kick off a certain identity. That said,
just inspecting and dropping bad messages would probably work as well. I
would definitely try and nail down more precisely the kind of scenario
you're concerned about, and work out the most minimal change that could
resolve it. Be aware that TCP is just one of the transports, and for core
library features we should be looking for as wide support as we can
reasonably achieve (so I should be able to handle a bad client over IPC
etc.).

The bad person snooping problem I would handle over the top of ZeroMQ
rather than trying to solve at that layer - it's much easier (and generally
more pleasant) to separate message delivery from distribution using a bit
of crypto.

Ian
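The three mitigations Ian lists above (coarse peer filtering of the kind ZMQ_TCP_ACCEPT_FILTER provides, inspecting and dropping bad messages from a ROUTER identity, and authenticating the payload with a bit of crypto on top of ZeroMQ) can be sketched without libzmq installed. The following is an added example, not code from this thread or from the libzmq project. It assumes a ROUTER peer that delivers DEALER-style frames `[identity, payload]`, a pre-shared HMAC key distributed out of band, and a CIDR allow-list supplied by the operator; the message frames and addresses below are constructed sample data.

```python
"""Defensive checks around a ZeroMQ-style ROUTER endpoint, modelled without libzmq.

Added example (not from the zeromq-dev thread). Assumptions:
  * peers are DEALER-style, so the ROUTER sees frames [identity, payload];
  * every payload carries a trailing HMAC-SHA256 tag under a pre-shared key;
  * the CIDR allow-list plays the role of ZMQ_TCP_ACCEPT_FILTER, evaluated
    on the peer's source address before any message is looked at.
"""
import hashlib
import hmac
import ipaddress
from typing import Callable, Dict, List, Optional, Set

TAG_LEN = 32  # length of an HMAC-SHA256 tag appended to each payload


def make_accept_filter(allowed_cidrs: List[str]) -> Callable[[str], bool]:
    """Return a predicate that accepts a peer IP only if it falls in an allowed CIDR.

    This mirrors what ZMQ_TCP_ACCEPT_FILTER does at connection time: broad,
    address-level filtering that says nothing about message content.
    """
    nets = [ipaddress.ip_network(c, strict=False) for c in allowed_cidrs]

    def accept(peer_ip: str) -> bool:
        try:
            addr = ipaddress.ip_address(peer_ip)
        except ValueError:
            return False  # malformed address: refuse rather than guess
        return any(addr in net for net in nets)

    return accept


def sign(key: bytes, payload: bytes) -> bytes:
    """Append an HMAC-SHA256 tag so the receiver can reject forged or altered payloads."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def verify(key: bytes, frame: bytes) -> Optional[bytes]:
    """Return the payload if its tag verifies, else None. Constant-time tag compare."""
    if len(frame) < TAG_LEN:
        return None
    payload, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return payload


class RouterGuard:
    """Inspect frames arriving on a ROUTER and 'kick off' identities that misbehave.

    libzmq has no sockopt to disconnect a single identity, so the practical
    equivalent is to stop honouring its messages: after max_bad unauthenticated
    payloads the identity is blocked and everything it sends is dropped.
    """

    def __init__(self, key: bytes, max_bad: int = 3) -> None:
        self.key = key
        self.max_bad = max_bad
        self.bad_count: Dict[bytes, int] = {}
        self.blocked: Set[bytes] = set()

    def handle(self, frames: List[bytes]) -> Optional[bytes]:
        """Return the authenticated payload, or None if the message is dropped."""
        if len(frames) != 2:
            return None  # unexpected framing: drop, do not try to interpret
        identity, frame = frames
        if identity in self.blocked:
            return None
        payload = verify(self.key, frame)
        if payload is None:
            n = self.bad_count.get(identity, 0) + 1
            self.bad_count[identity] = n
            if n >= self.max_bad:
                self.blocked.add(identity)
            return None
        return payload


if __name__ == "__main__":
    accept = make_accept_filter(["10.0.0.0/8", "192.168.1.0/24"])
    print("10.1.2.3 accepted:", accept("10.1.2.3"))
    print("203.0.113.9 accepted:", accept("203.0.113.9"))

    key = b"pre-shared-key-distributed-out-of-band"  # constructed sample key
    guard = RouterGuard(key, max_bad=2)
    print(guard.handle([b"client-a", sign(key, b"hello")]))   # b'hello'
    print(guard.handle([b"client-b", b"unsigned junk"]))       # None
    print(guard.handle([b"client-b", b"more junk"]))           # None, client-b now blocked
    print(guard.handle([b"client-b", sign(key, b"too late")]))  # None, still blocked
```

The accept filter runs once per connection and is cheap; the HMAC check runs per message and is what actually protects against a valid-looking client injecting or replaying content. Note that HMAC alone gives integrity and origin, not confidentiality or replay protection; the snooping concern Ian mentions additionally needs encryption, which the same layering approach accommodates.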