Date: Fri, 5 Nov 2010 23:05:47 -0700
From: Garrett Cooper <gcooper@FreeBSD.org>
To: Warner Losh <imp@bsdimp.com>
Cc: jpaetzel@freebsd.org, freebsd-hackers@freebsd.org
Subject: Re: txt-sysinstall scrapped
Message-ID: <AANLkTimiLEcTKe-v9n1DjR67LxcBiQn5dixOiDiFqZ8w@mail.gmail.com>
In-Reply-To: <AANLkTi=G2UEj4P=h=B7Tr58vg7RC9McMZq-q73ArDWOZ@mail.gmail.com>
References: <201011052316.27839.jpaetzel@freebsd.org> <AANLkTi=62rRhZsN4wUi6p_yokSxG0tkjUHK7gosLtTRZ@mail.gmail.com> <20101105.230617.74669306.imp@bsdimp.com> <AANLkTi=G2UEj4P=h=B7Tr58vg7RC9McMZq-q73ArDWOZ@mail.gmail.com>

On Fri, Nov 5, 2010 at 11:04 PM, Garrett Cooper <gcooper@freebsd.org> wrote:
> On Fri, Nov 5, 2010 at 10:06 PM, Warner Losh <imp@bsdimp.com> wrote:
>>>     Just to add to that (because I do find it a novel idea), 1) how
>>> are you going to properly prevent man in the middle attacks (SSL, TLS,
>>> etc?), and 2) what webserver would you use?
>>
>> https or ssh.
>>
>> We're also toying with the idea of having a partition that you could
>> 'dd' your certs and keys to (so any system can customize the image
>> with keys to make sure you were talking to who you think you are).
>> We'd just reserve 1MB of space on partition s3.  We'd then check to
>> see if there was a tar ball.  If so, we'd extract it and do the
>> intelligent thing with the keys we find there.
>
> Wouldn't it be better just to go with a read-write media solution
> (USB) like Matt Dillon was suggesting at today then? Then again,
> determining the root device to date is still a bit kludgy isn't it?
>
>>>     I bring up the former item because I wouldn't want my data going
>>> unencrypted across any wire, and what BSD compatible web servers did
>>> you guys have in store and who would maintain the server, and what
>>> kinds of vulnerabilities would you be introducing by adding a service
>>> which would be enabled by default at runtime?
>>
>> The web server would just be there at installation time.  You'd run it
>> out of the ram disk and it would evaporate when the system reboots
>> after it being installed.
>
> Sure.
>
>> Also, I'm not sure we even need to have to have a set of prompts.  If
>> we do the web page right, we likely can just go directly to lynx...
>
> Well... I like the curl idea a lot more for this approach (esp because
> it supports more protocols than just http and ftp, whereas lynx is
> constrained to ftp and http for the most part), but having both
> solutions is more heavyweight for the task than it probably should be.

    One other thing to add. If prompts aren't necessary, the process
should be completely scripted, so I personally would probably just
take the webserver, et al. out of the equation. Just seems like
unnecessary and problematic overhead requirements...
Thanks!
-Garrett
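
Added example, not part of the original message or of any FreeBSD installer code: a sketch of the "check the reserved 1MB for a tar ball and extract the keys" step quoted above, treating the slot as untrusted input. The function names, the flat-file layout, the allowed suffixes and the per-file size cap are assumptions made for illustration.

```python
import io
import tarfile

SLOT_SIZE = 1024 * 1024          # the 1MB reserved on the partition, per the thread
MAX_MEMBER = 64 * 1024           # assumed per-file cap for a cert or key
ALLOWED_SUFFIXES = (".pem", ".crt", ".key", ".pub")   # assumed naming convention


def load_key_slot(raw: bytes) -> dict:
    """Return {name: bytes} for cert/key files in a raw slot image, or {} if no tarball."""
    raw = raw[:SLOT_SIZE]
    # A ustar archive carries the magic "ustar" at offset 257 of the first header.
    if len(raw) < 512 or raw[257:262] != b"ustar":
        return {}
    found = {}
    with tarfile.open(fileobj=io.BytesIO(raw), mode="r:") as tar:
        for member in tar:
            name = member.name
            # Only plain files: no symlinks, hardlinks, devices or directories.
            if not member.isfile():
                raise ValueError(f"rejected non-regular member: {name!r}")
            # Flat names only, so nothing can land outside the key directory.
            if "/" in name or name.startswith(".") or not name.endswith(ALLOWED_SUFFIXES):
                raise ValueError(f"rejected member name: {name!r}")
            if member.size > MAX_MEMBER:
                raise ValueError(f"rejected oversized member: {name!r}")
            found[name] = tar.extractfile(member).read()
    return found


def make_slot(files: dict, links: dict = None) -> bytes:
    """Build a constructed sample slot image: a tarball zero-padded to SLOT_SIZE."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        for name, target in (links or {}).items():
            info = tarfile.TarInfo(name)
            info.type = tarfile.SYMTYPE
            info.linkname = target
            tar.addfile(info)
    return buf.getvalue().ljust(SLOT_SIZE, b"\0")


if __name__ == "__main__":
    slot = make_slot({"installer-ca.pem": b"constructed sample, not a real certificate\n"})
    print(sorted(load_key_slot(slot)))
```

The members are read into memory rather than unpacked with `extractall`, so the installer decides where each key is written instead of the archive deciding.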