Daemon News Ezine BSD News BSD Mall BSD Support Forum BSD Advocacy BSD Updates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: binup project

At 19:03 08/03/2003 +0100, Simon L. Nielsen wrote:
I remember looking at it and it looked very interesting. If I remember correctly
on "only" deals with making/applying updated and not the distribution right?

Perhaps your code could be put together with the simple HTTP protocol I was
looking at to actually get a complete remote binary updater... It could be a
start for a full binup.

My code cryptographically signs the updates; they can then be distributed by whatever means is convenient (http, ftp, shortwave radio broadcast...) although since the client code uses fetch(1) that imposes some restrictions. Doing things this way, in addition to eliminating spoofing attacks, also makes it possible for the severely paranoid to perform all secure operations on a system which is physically disconnected from the Internet (and copy the update files to a webserver via sneakernet).

Colin Percival

To Unsubscribe: send mail to majordomo@xxxxxxxxxxx
with "unsubscribe freebsd-binup" in the body of the message