On Mon, 16 Jul 2007 15:21:09 -0400 Ross Vandegrift <[EMAIL PROTECTED]> babbled:
> On Mon, Jul 16, 2007 at 10:55:36AM +0900, Carsten Haitzler wrote: > > networkmanager also handles ppp and pppoe? didn't know that. last i checked > > it just did ethernet and 802.11. well then making a front end to NM is > > probably a good way to go. > > Actually, you're right. I saw PPTP and figured it could also do ppp > since that uses pppd at some level. So we still need the ppp app. maybe NM will get ppp etc. support eventually. i think people are slowly, but surely leaving ppp+modems behind and ignoring them. pppoe is here and will stay for a while it seems though. this doesn't mean we should drop ppp - just that it seems a "low priority" for developers (i haven't used an analogue/ppp modem link for 9 years or so). > > (personally i believe that a file owned by the user and only > > readable by the user is enough - sure root can read it, but how many boxes > > where a user CAN select networks is there going to be an unfriendly root > > user who doesn't already know these things or can't find them out easily). > > there is the danger of "trojans" digging these files up - but once you have > > a trojan/virus running as that user - they can do a lot of damage in terms > > of finding out personal and sensitive info... is it worth the effort to try > > encrypt and then require decryption passphrases etc. > > I'm glad you feel this way - I wasn't really looking forward to the > gnome-keychain model of constantly asking the user for passwords. I > lasted less than a week with that before I modified my pam to shut it > the hell up... i'm a fan of non-intrusive security. there is a point where security just goes too far. imho if a break-in (trojan, virus etc.) attempt has managed to get to the point where it can execute arbitrary code as your user id - game over man. game over. hiding your "ppp" or "pppoe" or "wireless network keys" only slightly mitigates the problem. your password is likely stored in your mail client, web browser (where it saves your passwords - even if "obfuscated" they can be found), and all your own personal data files (mail, porn, etc.) are available to the "hacker". one should stop the hacker getting into the front door to begin with. of course now the paranoid security people will jump up and down and say you need "multiple layers of security" and that by encrypting really sensitive info (like passwords for networks etc.) could avoid big problems if there was an incursion (as now wireless network keys may need to be changed across your workplace - maybe multiple offices across many countries need to change them now as they have been compromised - for example). the question here is - how many times do you really need to go enter a password? i am not sure here, but gnome-keyring to me smells of just another layer for a hacker to get into. hacker can just pretend to be gnome-keyring and pop up a dialog - ask for your passphrase - you would be none-the-wiser and then it can just use that to decrypt your stored info. as i said - once its running as you... game-over boys. -- ------------- Codito, ergo sum - "I code, therefore I am" -------------- The Rasterman (Carsten Haitzler) [EMAIL PROTECTED] 裸好多 Tokyo, Japan (東京 日本) ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
