[Tech] private DSA key retrieveable over FCP2?
Phillip Hutchings
sitharus at sitharus.com
Wed Nov 1 20:30:46 UTC 2006
> Passwords are useless if a client is corrupted. If a client stores the
> password the corrupted client can use it. If a client asks for
> permission it would be ok, but annoys the user.
>
> I would suggest to add a node parameter "paranoiaMode=true" that disables:
> - direct disk access (only socket connections allowed)
> - the send of any worthful NodeInfo stuff like keys
> - and probably more
>
> Disallow anything that could access the box where the node runs. Only
> pure FCP2 is allowed.
I agree with that this is a good idea. It's nice to allow FCP to
access those details, but there should be an option to deny them if
you're really paranoid.
--
Phillip Hutchings
http://www.sitharus.com/
More information about the Tech
mailing list