At 05.44 06/02/02 -0600, you wrote: >Marco A. Calamari: > > If normal node doesn't allow key deletion there is one less > > possible way to exploit a bug. > >We don't allow any random host to send FCP commands. > >Doesn't that fact negate your (already weak) argument that a >ClientDelete implementation might not be secure?
No. Maybe the fact that I'm not (clearly) English mothertongue disallow me to clearly explain my point. IMHO the security model of Freenet is robust *also* because negate the existence of a key delete. I'm not concerned at all about the effect that ClientDelete can have when correctly & securely implemented & used. I fear the possibility that ClientDelete can be exploited on a population of well behaved nodes in a well designed attempt of general damage. You cannot exploit only the existing command, not those that doesn't exist. One less command, one less command exploitable in Fred. This is not a weak argument about the implementation, but an attempt to evaluate a cost/benefit of a new command versus the robustness of the Freenet security model. Please. don't start a thread about the difficulty of find an exploit that control a node via FCP interface, this is not the point, and we can move on a infosecurity list or use private mail if you want discuss existing, non-trivial exploit. I'm not one of developers, in the Project I'm only a translator, and maybe an evangelist, nor I want allow me to suggest to GJ dropping a part of his excellent job. I just want to contribute a different point of view (I'm a litte more than naive in info security!) to a loosely-coupled developer community that now can have more focus on work in progress and less on an overall aspect of security, *implementation* included. FWIW. Marco * Marco A. Calamari marco at freenetproject.org * il Progetto Freenet - segui il coniglio bianco the Freenet Project - follow the white rabbit _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
