Re: Scannning

[Dan Williams <dcbw redhat com>]

On Mon, 2007-03-19 at 10:27 -0400, Matthew Saltzman wrote:
> On Mon, 19 Mar 2007, Tambet Ingo wrote:
> > [...]
> > There are multiple problems when trying to "fix" this behavior:
> >
> > * Scanning disables all other operations on card so network doesn't work at
> > that time. That's the reason there is a timeout, that's the reason there
> > can't be a "scan now" button (well, part of the reason anyway). We need to
> > protect NM from malicious users who can write a shell script to make NM scan
> > constantly (or if they're not smart enough, keep hitting that
> > button/activating the menu manually). [1]
> > [...]
> >
> > [1] I'm not sure how serious that is since any user can just deactivate all
> > networking anyway.
> 
> The idea of preventing a user from intentionally launching a DoS attack on 
> his own service seems strange to me.  As you say, if a user wants to deny 
> himself a service, all he needs to do is turn it off.  (If NM is intended 
> to manage networks on a truely multi-user system, that's different.  But 
> that's not how I ever envisioned it.  I don't use NM on my workstations 
> because they don't need the dynamic network management facility.  I just 
> don't think of laptops as "real" multi-user systems.)
> 
> Accidental self-DoS is a different issue.  One thing that occurs to me is 
> simply not rescheduling the scan if the menu is opened within the 
> 20-second interval.  Then a user can just reopen the menu every few 
> seconds and see if it's been updated.  There's no way to really cancel a 
> scheduled scan, so what's wrong with just letting it go once scheduled?

Right, that's a bug.  The scan shouldn't get rescheduled a further 20
seconds every time the menu is dropped down, it should let the 20s
timeout run down first.

Dan