Dne Fri, 5 May 2000 19:46:17 -0400 (EDT), [EMAIL PROTECTED] napsal:
> You don't need to screw around with *ANYTHING* in /ect/ppp either. It's
> not designed or intended to be used in the fashion you are thinking
> about using.
I agree with this: Arachne should create its own script files, which
will call chat and pppd programs with required command line arguments.
Of course, it will be just *option* for Linux novices; users who already
have ppp interface up and running, will be able to use Arachne without
taking care about Arachne's own PPP configuration wizards. Like in DOS,
you can have "Connection READY" in ARACHNE.CFG, and forget about
Arachne's configuration screens and support dialup tools forever.
> GET THIS STRAIGHT RIGHT NOW. LINUX/UNIX IS NOT DOS. PROGRAMS THAT RUN
> UNDER LINUX/UNIX ARE NOT CONFIGURED LIKE DOS PROGRAMS FOR VERY
> IMPORTANT REASONS.
Which is reason why Linux is still so hard to understand for some users
;-) But KDE tried to change this, and GNOME had to follow, and it even
brought some new interesting concepts: where you have to log-in to KDE
as superusers, you can do the same in GNOME even when logged as normal
user; you are just prompted for superuser's password. This is very good.
I don't think superuser should log into the system at all; it should be
really just last rescue option. Users should log to their secure,
non-priveleged accounts all the time, and run setup tools, which prompt
them for root password only if you want to save changes.
> There is *NO* reason on earth for the Linux version of Arachne to
> let users configure PPP settings from within it. At the very least it
> would be a *MAJOR* system security violation.
There is BIG reason why Arachne should be (optionaly) to configure PPP
interface, because:
1) it is one of hardest tasks in every Linux distribution; there are
always some unexpected problems
2) currently all working user-friendly PPP setup tools known are X,
or even KDE/GNOME based, which is not good for users of older and
slower PCs
3) I would eventualy like to do special Arachne-based, minimal Linux
distribution...
And it is also not security violation, because
1) Arachne executable will have to be setUIded to root, because of
SVGAlib initialization, but the privilege will be given up immediately
after initialization (at least I hope that it will work ;-)
2) Arachne can create script file which will launch pppd with command
line options only, without touching /etc/ppp/options file. kppp also
allows non-privileged users to establish PPP connection; it is true,
that pppd has to be setuided for this purpose, but it is securtity
problem for pppd, not of Arachne...
3) Arachne can ask for root password each time it tries to perform some
privileged operation. I think THIS is the way to go, because it would
also notice unexperienced users, that they have entered phase in which
it would be good to consult some local computer/internet wizard ;-)
> There are a number of stand-alone programs that configure PPP other
> things andwhich are intended to be used by root only. There is no reason
> for a software package like Arachne to offer this ability to a mere user
> via a password prompt.
There are good reasons, mentioned above. One of the reasons is, that
Arachne may become fullscreen graphical setup tool for my own Linux
distribution.... ;-)
> I suggest you subscribe to some newsgroups that deal with programing
> under Linux/Unix before you go any futher and ask the people in
> the newsgroups some serious questions about the issues involved in what
> you are planning on doing here, because like I said before it's a
> very,very bad idea.
I think these people would anyway refuse to use Arachne, because it
probably won't be opensourced anytime soon. Arachne is intended mainly
for new Linux users, who want to escape from Windows world, but who are
not ready to give up all the comfort they are used to.
And for experienced Linux users, it will be no problem to disable all
unwanted functionality in Arachne. At least all user interface is HTML
based, so it is extremely easy to customize...
--
Michael Polak: [EMAIL PROTECTED]
Arachne Labs: http://arachne.cz/
My mobile phone - up to 160 characters: [EMAIL PROTECTED]
