On Mon, 19 Mar 2007, Tambet Ingo wrote:
> [...]
> There are multiple problems when trying to "fix" this behavior:
>
> * Scanning disables all other operations on card so network doesn't work at
> that time. That's the reason there is a timeout, that's the reason there
> can't be a "scan now" button (well, part of the reason anyway). We need to
> protect NM from malicious users who can write a shell script to make NM scan
> constantly (or if they're not smart enough, keep hitting that
> button/activating the menu manually). [1]
> [...]
>
> [1] I'm not sure how serious that is since any user can just deactivate all
> networking anyway.
The idea of preventing a user from intentionally launching a DoS attack on
his own service seems strange to me. As you say, if a user wants to deny
himself a service, all he needs to do is turn it off. (If NM is intended
to manage networks on a truely multi-user system, that's different. But
that's not how I ever envisioned it. I don't use NM on my workstations
because they don't need the dynamic network management facility. I just
don't think of laptops as "real" multi-user systems.)
Accidental self-DoS is a different issue. One thing that occurs to me is
simply not rescheduling the scan if the menu is opened within the
20-second interval. Then a user can just reopen the menu every few
seconds and see if it's been updated. There's no way to really cancel a
scheduled scan, so what's wrong with just letting it go once scheduled?
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
_______________________________________________
NetworkManager-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/networkmanager-list
