Re: Openwall GNU/*/Linux (Owl) 1.0 release

From: Solar Designer (solar@private)
Date: Fri Oct 18 2002 - 21:08:34 PDT


On Wed, Oct 16, 2002 at 10:10:29AM +0200, Lionel CONS wrote:
> Solar Designer writes:
>  > CDs (and ISO-9660 images available via the FTP mirrors) are bootable
>  > on x86 and include a live system and x86 binary packages, as well as
>  > full source code which may be rebuilt with one simple command ("make
>  > buildworld").  Security tools such as John the Ripper are usable right
>  > off the CD, without requiring a hard disk -- this way Owl may also be
>  > considered an alternative to Trinux.
> 
> This is very good but the network setup is a bit painful. Any chance
> to support BOOTP/DHCP? Something like Red Hat's pump would be nice to
> have.

Initially, I was against any support for easily spoofable protocols
like these in Owl.  But, well, there's demand...

Matthias has already mentioned that DHCP is planned.  The reason it's
not getting in so easily is we want to implement privilege separation
for dhcpcd and run dhcpd with reduced privileges (the latter is easier).

I haven't looked into Red Hat's pump before, but now that I do it
seems like it could actually be an alternative to dhcpcd.  It's rather
small, doesn't seem to require an external package to handle DHCP, and
seems to configure network interfaces by itself (rather than invoking
external scripts).  Privilege separation could still be desired, though,
because network interface configuration is a highly privileged operation
whereas protocol handling could be done with reduced privileges.

Packaging both dhcpcd and pump is against one of our conventions which
is to preferably have only one implementation of a feature in Owl.

What do you and others think?  May pump replace dhcpcd entirely?

-- 
/sd



This archive was generated by hypermail 2.1.3 : Sun Jan 15 2006 - 13:43:17 PST