[ previous ] [ next ] [ threads ]
 
 From:  Peter Curran <peter at closeconsultants dot com>
 To:  Dinesh Nair <dinesh at alphaque dot com>
 Cc:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall-dev] Beta 1.1b16wall>
 Date:  Sun, 18 Jul 2004 19:23:14 +0100 
On Sunday 18 July 2004 13:24, Dinesh Nair wrote:
> On Sun, 18 Jul 2004, Peter Curran wrote:
> > works OK but it is not really going to make it to the big time unless a
> > system to add in modules to a running m0n0 is provided.
>
> somehow, allowing a running m0n0 to update itself with unsigned
> images/modules is perhaps a little too risky, considering that m0n0wall is
> a router/firewall.
>

I understand what you say, even empathise a liitle.  I am not sure what the 
answer is to this conundrum:

Use the 'official' signed version and trust it to act as a firewall; add in 
some third-party software and trust the author of that module not to break 
the firewall.

I am happy to do this, so long as I understand what the module does, can 
inspect its code, and test its functionality.  I may be lucky - I do this 
stuff for a living - but isn't somebody without the knowledge to do this 
putting a lot of (blind) trust in m0n0?

Peter


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.