Search Linux Wireless

Re: [PATCH 1/4 v2] mac80211: Enable mesh security from userspace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2011-03-05 at 11:34 -0800, Javier Cardona wrote:

> > That last check seems a bit pointless -- I'd trust userspace (aka allow
> > it to shoot itself in the foot) and not check that there's RSN
> > information when it says it wants security -- maybe WAPI will come up
> > with mesh security at some point ;-)
> 
> Enabling security without an RSN will result in mesh node that can't
> communicate with anyone in the mesh, secured or not.

Right, well, I keep thinking that maybe a daemon could still run an
unsecured mesh? But in any case I'm not so sure how that works at all --
see my reply to the intro mail.

> I prefer
> keeping that check in place to avoid annoying misconfigurations.  You
> still think it's pointless?  (In fact I was contemplating a more
> strict check by returning EINVAL instead of ignoring the request when
> userspace enables security and does not pass an RSN.)

I don't see how that misconfiguration could ever happen since you
wouldn't run the daemon if you don't want RSN, and iw would never set
the secure flag?

It just seems that if somebody wants to play with a protocol that
doesn't use the RSN IE but maybe adapts WPA to it, we could still allow
it to work.

johannes

--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux