From: "Randy.Dunlap" <rddunlap@osdlab.org>
To: linux-hotplug@vger.kernel.org
Subject: Re: Network protocol for linux-hotplug.
Date: Mon, 08 Oct 2001 14:22:00 +0000 [thread overview]
Message-ID: <marc-linux-hotplug-100255122013514@msgid-missing> (raw)
In-Reply-To: <marc-linux-hotplug-100250374523386@msgid-missing>
Dmitri wrote:
>
> Quoting Stamatis Mitrofanis <ewstam@softhome.net>:
>
> > It had occurred to me that it might be a good idea to make things such
> > that unsatisfied hotplug requests are forwarded through the network to
> > certain database servers.
>
> > This automatic-downloading system must be very small, very uniform and
> > very simple to implement. Questions that need answers:
>
> > - What protocol do we use for communication of the user system with the
> > server system? (must be well-known and standard)
>
> http:// and nothing else. This is because of firewalls and proxies
> that are capable of handling it. Other protocols/ports are often
> blocked from leaving intranets. Also, all http:// infrastructure is
> already available and widely deployed, allowing easy mirroring.
>
> > - How do we organize scripts and programs to do the job?
>
> wget http://www.kernel.org/cgi-bin/getdriver?bus=usb&pid=0x1234&vid=0x5678
> tar xzvf usb_0x1234_0x5678.tar.gz
> cd usb_0x1234_0x5678 && make && make install
>
> > - What will be the formats for drivers downloaded from the net?
>
> likely, tarballs - but .rpm or .deb is also OK, as long as the originator
> of the request asked for them, *and* as long as they are available. This
> means that the script has to know how to fall back to the tarball.
>
> > - <insert your question here>
>
> Add mandatory signatures to all packages, and mandatory checking of
> said signatures vs. hardcoded list of identities (public keys).
> This means that only holders of these keys can publish drivers.
> Otherwise this will be insecure, to put it mildly :-)
I must strongly agree with Dmitri's last statement.
Without some form of security checking, this scheme is a huge
open hole for danger.
But like Keith said, source code is the only form that
scales and works on all types of platforms, at least right now.
~Randy
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
next prev parent reply other threads:[~2001-10-08 14:22 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-10-08 0:05 Network protocol for linux-hotplug Stamatis Mitrofanis
2001-10-08 1:50 ` Keith Owens
2001-10-08 1:57 ` Dmitri
2001-10-08 14:22 ` Randy.Dunlap [this message]
2001-10-08 19:01 ` Tim Jansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-linux-hotplug-100255122013514@msgid-missing \
--to=rddunlap@osdlab.org \
--cc=linux-hotplug@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).