Re: Scannning

From: Matthew Saltzman <mjs ces clemson edu>
To: Tambet Ingo <tambet gmail com>
Cc: NetworkManager-List <networkmanager-list gnome org>
Subject: Re: Scannning
Date: Mon, 19 Mar 2007 10:27:11 -0400 (EDT)

On Mon, 19 Mar 2007, Tambet Ingo wrote:

[...]
There are multiple problems when trying to "fix" this behavior:

* Scanning disables all other operations on card so network doesn't work at
that time. That's the reason there is a timeout, that's the reason there
can't be a "scan now" button (well, part of the reason anyway). We need to
protect NM from malicious users who can write a shell script to make NM scan
constantly (or if they're not smart enough, keep hitting that
button/activating the menu manually). [1]
[...]

[1] I'm not sure how serious that is since any user can just deactivate all
networking anyway.

The idea of preventing a user from intentionally launching a DoS attack onhis own service seems strange to me. As you say, if a user wants to denyhimself a service, all he needs to do is turn it off. (If NM is intendedto manage networks on a truely multi-user system, that's different. Butthat's not how I ever envisioned it. I don't use NM on my workstationsbecause they don't need the dynamic network management facility. I justdon't think of laptops as "real" multi-user systems.)

Accidental self-DoS is a different issue. One thing that occurs to me issimply not rescheduling the scan if the menu is opened within the20-second interval. Then a user can just reopen the menu every fewseconds and see if it's been updated. There's no way to really cancel ascheduled scan, so what's wrong with just letting it go once scheduled?


--
		Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs

Follow-Ups:
- Re: Scannning
  - From: Dan Williams

References:
- Re: Scannning
  - From: yelo_3
- Re: Scannning
  - From: Tambet Ingo

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]