On Tuesday, 1 December 2015, 18:39:06, Giuseppe Scrivano wrote:
> Ángel González <[email protected]> writes:
> > On 30/11/15 22:33, Tim Rühsen wrote:
> >> There is the situation where --no-check-cert is implicitly set (.wgetrc,
> >> /etc/wgetrc, alias) and the user isn't aware of it. Just downloading
> >> without a warning opens a huge security hole because you can't verify
> >> where you downloaded it from (DNS attacks, MITM).
> >> I leave it to your imagination what could happen to people in unsafe
> >> countries... this warning could save lives.
> >>
> >> For an expert like Karl, this is just annoying.
> >>
> >> The warning text could be worked on, making clear that you are really
> >> leaving secure ground, that cert checking has been explicitly turned off
> >> and how to turn it on again. And only proceed if you really, really are
> >> aware of what you are doing.
> >>
> >> Of course all this applies to HTTP (plain text) as well. But someone
> >> requesting HTTPS and then dropping the gained security should be warned
> >> by default.
> >>
> >> My thinking is a pessimistic approach, but as long as you can't be 100%
> >> sure that bad things can't happen due to dropping the warning, we
> >> should leave it (and improve it the best we can).
> >>
> >> Tim
> >
> > An alternative to make --no-check-certificate silent would be to
> > provide a parameter to explicitly silence it:
> > --no-check-certificate=quiet
>
> good idea, it looks like a good compromise. Tim, would it work for you?
> We will keep the current behavior, and brave users can use the new
> parameter.

A new parameter is basically fine.

But let's see what Karl answers to my last mail - I suggested stderr filtering for his script, so he can get rid of the warning. If that works out, we have a simple solution without touching wget. Also that solution is applicable to other warnings/messages as well.

If Karl (or anyone else) still has a problem, let's add a new option (or extend --check-certificate) as Ángel suggests.

Tim
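
An added example, not part of this thread and not wget code: a shell check for the case described above where certificate checking is switched off implicitly through a wgetrc file. The function name `find_cert_check_disabled` is hypothetical. It assumes wgetrc's `name = value` syntax with names that ignore case, underscores and hyphens, and `off`, `no` or `0` as the disabling values. Shell aliases and command-line flags are not covered.

```shell
#!/bin/sh
# Added example: report wgetrc lines that disable certificate checking.
#
# find_cert_check_disabled FILE...
#   Prints "FILE:LINENO:LINE" for each active line that turns
#   check_certificate off. Returns 0 if at least one was found, else 1.
#   Unreadable or missing files are skipped.
find_cert_check_disabled() {
    found=1
    for rc in "$@"; do
        [ -r "$rc" ] || continue
        hits=$(awk -v f="$rc" '
            /^[ \t]*#/ { next }               # comment line
            {
                line = $0
                eq = index(line, "=")
                if (eq == 0) next
                key = tolower(substr(line, 1, eq - 1))
                val = tolower(substr(line, eq + 1))
                gsub(/[ \t_-]/, "", key)      # assumption: names ignore case, "_" and "-"
                gsub(/[ \t\r]/, "", val)
                # assumption: off / no / 0 are the disabling boolean values
                if (key == "checkcertificate" &&
                    (val == "off" || val == "no" || val == "0"))
                    printf "%s:%d:%s\n", f, NR, line
            }' "$rc")
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits"
            found=0
        fi
    done
    return "$found"
}

# Typical call, covering the system file, the per-user file and $WGETRC:
#   find_cert_check_disabled /etc/wgetrc "$HOME/.wgetrc" ${WGETRC:+"$WGETRC"}
```

A zero exit status means at least one of the listed files silently disables verification for every wget run that reads it.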
