[Sugar-devel] [Tecnologia] Async schoolserver registration for F11-0.88

Bernie Innocenti bernie at codewiz.org
Thu Jul 1 22:07:55 EDT 2010


El Thu, 01-07-2010 a las 18:53 -0600, Daniel Drake escribió:
> >  http://bugs.sugarlabs.org/ticket/1152
> 
> Not sure if this is what you are suggesting, but it's not so clear cut
> if this should be applied to mainline sugar. It opens up a security
> hole where the entire contents of someones journal can be stolen.

What's the attack vector you're thinking about? Playing dirty tricks
with DHCP and DNS on the LAN? Sadly true for many clients in many
LANs...

Wouldn't this also affect the manual registration case? How could we fix
this without distributing keys to schoolservers?

Given the current security model of the XS-XO interaction, which appears
to be far from being secure in several ways, I would be inclined to add
this one new flaw for the sake of convenience.

Don't get me wrong, I *do* care much about security, but in order to
achieve it we would need to rethink the entire network security model,
not simply by bothering the users with a manual registration step which
does not authenticate the schoolserver anyway. Would you agree?

-- 
   // Bernie Innocenti - http://codewiz.org/
 \X/  Sugar Labs       - http://sugarlabs.org/



More information about the Sugar-devel mailing list