El Thu, 01-07-2010 a las 18:53 -0600, Daniel Drake escribió: > > http://bugs.sugarlabs.org/ticket/1152 > > Not sure if this is what you are suggesting, but it's not so clear cut > if this should be applied to mainline sugar. It opens up a security > hole where the entire contents of someones journal can be stolen.
What's the attack vector you're thinking about? Playing dirty tricks with DHCP and DNS on the LAN? Sadly true for many clients in many LANs... Wouldn't this also affect the manual registration case? How could we fix this without distributing keys to schoolservers? Given the current security model of the XS-XO interaction, which appears to be far from being secure in several ways, I would be inclined to add this one new flaw for the sake of convenience. Don't get me wrong, I *do* care much about security, but in order to achieve it we would need to rethink the entire network security model, not simply by bothering the users with a manual registration step which does not authenticate the schoolserver anyway. Would you agree? -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ _______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel