You are wrong. Anyone with access to FCP can already: - Upload arbitrary files which the node can access. - Read your node reference, your peers and your config - Add or remove peers - Change config options - Write to arbitrary non-existent files which the node can access
It has been suggested that a simple password or a full username/password login might be useful. Nothing was ever really agreed or implemented. So be careful who you let have FCP access! On Wed, Nov 01, 2006 at 07:36:48PM +0100, bbackde at googlemail.com wrote: > Is it true what I see, is each FCP2 client now able to retrieve the > private DSA key from the node, the key that uniquely identifies your > node??? > > Do you think this is a nice feature? Someone could hack some existing > open source application, provide them to some incautious users and > send their private DSA key to some big brother for analysis??? > > I don't want to accept this without an important reason. I have no > idea what a client could do with this private key, except to send it > to some big brother. > > Or am I wrong? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20061101/cbad6b10/attachment.pgp>
