* Matthew Toseland <[EMAIL PROTECTED]> [2008-09-24 20:32:16]: > On Wednesday 24 September 2008 20:19, Florent Daignière wrote: > > * Matthew Toseland <[EMAIL PROTECTED]> [2008-09-23 01:45:10]: > > > > > On Monday 22 September 2008 20:30, Zero3 wrote: > > > > > > I really don't understand why creating a user - a measure which is solely > > > intended to improve security by not having Freenet run as System - causes > > > concern for so many windows-using geeks. You can't log in as that user, > and > > > thus it isn't visible on the login screen. And it's standard practice on > > > unix. And it improves your security against a hypothetical exploit in > > > Freenet. WHY IS THIS BAD? Having said that, it does seem to cause some > > > installation failures, so maybe we should turn it off. However, running > > > as > > > the installing user isn't straightforward, we'd probably end up running > > > as > > > System. Nextgens??? > > > > Running as the installing user isn't an option unless we ask him for his > > password AND store it in cleartext in a file... or we don't use the > > windows services at all. > > > > Running it as System is what we have been doing before you pushed hard > > on me to find a solution to > > https://bugs.freenetproject.org/view.php?id=1231 > > > Well, the biggest problem IIRC wasn't the security issue but the fact that a > service running as System can't be killed from Task Manager. > > As you say, we can't run as the installing user...
Well, we can! provided we don't use the windows services at all but a shortcut in the startup menu or something like that... but we don't want to because that's user-specific. We want to maximize the uptime of nodes, not to restrict it to the timespan a specific user is logged on the system.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
