> I like this idea. It uses the existing format and is client-friendly and > flexible and extensible. There is the problem of the vulnerability of > making your node controllable over the network. I mean yes, it would be > neat to control your node through Freenet. However, you could have people > messing with it untracably. This is easily fixed, however, by making this > message only accept commands from registered sources. So if you run your > client on tcp/localhost:19115, you can configure your node to only accept > connections from that address. We certainly don't want to use a command > protocol which can't be used by graphical interfaces.
If we do it like this, we would need to exercise *extreme* caution to ensure that we don't create a security hole through which people could shutdown Freenet nodes, or worse, crack machines running nodes. It would probably need to have a password system (relying on IP addresses is no good as they can be faked), and that password would probably need to be encrypted using some kind of handshake mechanism. This rapidly becomes very very complicated. Much easier to just allow communication via STDIN and STDOUT. Ian. _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
