On 11/06/2010 00:05, Garrett Cooper wrote:
On Fri, Nov 5, 2010 at 11:04 PM, Garrett Cooper<[email protected]> wrote:
On Fri, Nov 5, 2010 at 10:06 PM, Warner Losh<[email protected]> wrote:
Just to add to that (because I do find it a novel idea), 1) how
are you going to properly prevent man in the middle attacks (SSL, TLS,
etc?), and 2) what webserver would you use?
https or ssh.
We're also toying with the idea of having a partition that you could
'dd' your certs and keys to (so any system can customize the image
with keys to make sure you were talking to who you think you are).
We'd just reserve 1MB of space on partition s3. We'd then check to
see if there was a tar ball. If so, we'd extract it and do the
intelligent thing with the keys we find there.
Wouldn't it be better just to go with a read-write media solution
(USB) like Matt Dillon was suggesting at today then? Then again,
determining the root device to date is still a bit kludgy isn't it?
I bring up the former item because I wouldn't want my data going
unencrypted across any wire, and what BSD compatible web servers did
you guys have in store and who would maintain the server, and what
kinds of vulnerabilities would you be introducing by adding a service
which would be enabled by default at runtime?
The web server would just be there at installation time. You'd run it
out of the ram disk and it would evaporate when the system reboots
after it being installed.
Sure.
Also, I'm not sure we even need to have a set of prompts. If
we do the web page right, we likely can just go directly to lynx...
Well... I like the curl idea a lot more for this approach (esp because
it supports more protocols than just http and ftp, whereas lynx is
constrained to ftp and http for the most part), but having both
solutions is more heavyweight for the task than it probably should be.
One other thing to add. If prompts aren't necessary, the process
should be completely scripted, so I personally would probably just
take the webserver, et al. out of the equation. Just seems like
unnecessary and problematic overhead requirements...
Prompts are required. Of course, we could have an image that would
automatically overwrite whatever disk it found when booting, but that's
kinda dangerous to have be the default.
We really need the web server to run the web app that is the installer
front end. I don't see any way around that.
Warner
Thanks!
-Garrett
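
Added example, not part of the original mail or of any FreeBSD installer code: one way the "check the reserved 1MB on s3 for a tar ball and extract the keys" step could treat the partition contents as untrusted input. The function names, the 64 KB per-file cap and the allowed suffixes are assumptions made for illustration.

```python
import io
import os
import tarfile

PARTITION_SIZE = 1024 * 1024          # the 1 MB reserved area from the thread
MAX_MEMBER_SIZE = 64 * 1024           # assumed cap; certs and keys are small
ALLOWED_SUFFIXES = (".pem", ".crt", ".key")   # assumed naming convention


def extract_key_bundle(raw: bytes, dest: str) -> list:
    """Extract cert/key files from a raw partition image; [] if no tarball."""
    raw = raw[:PARTITION_SIZE]
    # A ustar/pax/GNU tar header carries the magic "ustar" at offset 257.
    if raw[257:262] != b"ustar":
        return []
    written = []
    os.makedirs(dest, mode=0o700, exist_ok=True)
    with tarfile.open(fileobj=io.BytesIO(raw), mode="r:") as tar:
        for member in tar:
            name = member.name
            # Regular files only: skips symlinks, hard links, devices, dirs.
            if not member.isfile() or member.size > MAX_MEMBER_SIZE:
                continue
            # Flat names only: rejects absolute paths and ../ traversal.
            if os.path.basename(name) != name or not name.endswith(ALLOWED_SUFFIXES):
                continue
            data = tar.extractfile(member).read(MAX_MEMBER_SIZE)
            # Create owner-only and refuse to overwrite an existing file.
            fd = os.open(os.path.join(dest, name),
                         os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
            with os.fdopen(fd, "wb") as out:
                out.write(data)
            written.append(name)
    return written


def build_sample_partition() -> bytes:
    """Constructed test input: a tarball padded out to the partition size."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, body in [("server.crt", b"CONSTRUCTED CERT\n"),
                           ("../etc/rc.local", b"constructed\n")]:
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
        link = tarfile.TarInfo("ca.pem")
        link.type, link.linkname = tarfile.SYMTYPE, "/etc/master.passwd"
        tar.addfile(link)
    return buf.getvalue().ljust(PARTITION_SIZE, b"\0")
```

Anyone who can write to the install media can plant keys in that partition, so this only hardens the parsing step; it does not authenticate the bundle.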