Re: Adding Passim as a Fedora 40 feature?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Richard Hughes wrote:
> I was thinking of adding Passim as a default-installed and
> default-enabled dep of fwupd in the Fedora 40 release. Before I create
> lots of unnecessary drama, is there any early feedback on what's
> described in
> please.

I finally read the README, and, oh geez, this thing is even documented
as assuming a friendly network! And it's being proposed to be enabled
by default, which means it will run on laptops that move around between
cafés, hotels, airports and all the hostile environments anyone can

The document doesn't say what design decisions were made based on the
assumption of a friendly network. All of those design decisions need to
be reconsidered with the assumption that there are attackers on the LAN
who will abuse Passim any way they can, and that Passim must deal
reasonably with any and all attacks.

Björn Persson

Attachment: pgpbKFyUg0F4D.pgp
Description: OpenPGP digital signatur

devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct:
List Guidelines:
List Archives:
Do not reply to spam, report it:

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux