On Tuesday 02 July 2002 10:29, Charles Steinkuehler wrote: > > 2) authentication may be an issue, but maybe this would bloat > > weblet, especially if we still want to support floppies > > I'd prefer to avoid the authentication entirely with sh-httpd, but > basic authentication may be required. Note that even if implemented, > I wouldn't really consider this amazingly secure...it would simply be > a way to provide some sort of password so Junior couldn't edit the > firewall rules on a whim, enabling the latest [mal|share]ware program > to work. > > I think any form of secure authentication, as well as any encryption > or tunneling should be handled by a seperate program (ie ssh, ssl, > zeebee, or similar).
After checking quite a few options available, I believe IDE releases should use ssh tunneling since it is likely already being used and floppy images should use zeebelee for space limitations. The Weblet would be limited to localhost and all configuration would be authenticated via the particular tunnel program used. I suppose zeebedee could be used for everything, but I'm not sure how two tunneling programs would react to each other if used at the same time. This would also limit the security risk due to any code we produce. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek No, I will not fix your computer. http://thinkgeek.com/sf _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
