> Passwords are useless if a client is corrupted. If a client stores the > password the corrupted client can use it. If a client asks for > permission it would be ok, but annoys the user. > > I would suggest to add a node parameter "paranoiaMode=true" that disables: > - direct disk access (only socket connections allowed) > - the send of any worthful NodeInfo stuff like keys > - and probably more > > Disallow anything that could access the box where the node runs. Only > pure FCP2 is allowed.
I agree with that this is a good idea. It's nice to allow FCP to access those details, but there should be an option to deny them if you're really paranoid. -- Phillip Hutchings http://www.sitharus.com/
