On Tue, Apr 18, 2000 at 01:14:42PM +0100, Ian Clarke wrote: > If we do it like this, we would need to exercise *extreme* caution to > ensure that we don't create a security hole through which people could > shutdown Freenet nodes, or worse, crack machines running nodes. It > would probably need to have a password system (relying on IP addresses > is no good as they can be faked), and that password would probably need > to be encrypted using some kind of handshake mechanism. This rapidly > becomes very very complicated. > > Much easier to just allow communication via STDIN and STDOUT. > > Ian.
Normally I would agree with limiting Freenet to only essential (and very secure features) But the ability to remotely shutdown / purge my Freenet node just-in-case would be a nice addition for my peace of mind :-) I would probably implement a watchdog feature on my box to trigger under certain (tampering) conditions. While this purging is unlikely to prevent anyone from pulling data off of my disk, if they are determined to get it, it could make life a bit more difficult, especially if i store everything to another encrypted (virtual) filesystem. (Linux has some nifty support for those) I advocate using a signing of messages with some sort of public key, this would be much more difficult to crack then a password scheme, and probably not too much more trouble to implement, since it looks like we will end up with various types of signed messages anyway. Another possibility, however, and one that would be even easier to implement, would be your idea of STDIN/OUT only controls. (This just occured to me) The user could then write a frontend of their own, using shell scripts or a custom program (GUI / Network sockets / etc) to handle control. This solution should make everyone happy, while keeping to the *nix-like ideal of simple flexible parts that can be combined into something useful and new. I don't see why any of the current proposals could be handled in this manner. And this, being my current favorite thing to play with at the moment, would certainly be something I could contribute some time to. (Although my lady love *might* have a little something to say about that ;-) --Adam Lydick -- Freenet -- Re-Wiring the Internet http://freenet.sourceforge.net My Node: tcp/rivendell.yi.org:19114 _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
