Daemon News Ezine | BSD News | BSD Mall | BSD Support Forum | BSD Advocacy | BSD Updates |
At 19:03 08/03/2003 +0100, Simon L. Nielsen wrote:
I remember looking at it and it looked very interesting. If I remember correctlyon "only" deals with making/applying updated and not the distribution right? Perhaps your code could be put together with the simple HTTP protocol I was looking at to actually get a complete remote binary updater... It could be a start for a full binup.
My code cryptographically signs the updates; they can then be distributed by whatever means is convenient (http, ftp, shortwave radio broadcast...) although since the client code uses fetch(1) that imposes some restrictions. Doing things this way, in addition to eliminating spoofing attacks, also makes it possible for the severely paranoid to perform all secure operations on a system which is physically disconnected from the Internet (and copy the update files to a webserver via sneakernet).
Colin Percival To Unsubscribe: send mail to majordomo@xxxxxxxxxxx with "unsubscribe freebsd-binup" in the body of the message