signalsraka.blogg.se

Wget proxy










#Wget proxy software#

I’m not sure I buy the “no persona” software argument, as it seems that this change has a very specific person in mind as it currently stands. I think it would be much cleaner to just add the keys of the common software this user wants to install. With that in mind, intercepting wget and curl seems too low level. The aim of this change to me, is to improve usability for our hypothetical non tech savvy journalist (to quote your other post) without breaking the above threat model. Therefore, we disallow network access pushing users to use the trusted repositories, which enforce signature checking etc.


Bad software in them can threaten the compartmentalization of Qubes. What are we even saying here? “This command might be safe or it might not be?” I thought the whole point of this endeavor was to optimize for the usability of a non-technical user, how are they going to know whether to wait three seconds or not?

Currently the templates have a really clear threat model in mind. We’re giving no information that the user didn’t have before executing the command in the first place. The three second pause also seems really inelegant to me too. Now, if you want to justify that by saying it’s a convenience vs security thing, that’s one thing, but I don’t buy that doing it through a proxy is any safer than just exposing the network directly. The net effect is still the same proxy or not, we’re giving the user a way of downloading arbitrary scripts from the internet in the templates. The claim was to wrap around and give a chance to the user to stop downloads happening in random scripts. Nowhere is that PoC claiming to protect users from running a random bash script in template/dom0. That was my proposition to ease while educating users attempting to follow software installation guides expected to work ™. Other methods used to download stuff from your script would fail as usual. No protection on the sudo call here, but safeguards to download stuff only from curl/proxy. Then each time that script would call wget/curl, those calls would be intercepted and paused for 3 seconds, showing what is attempted to be downloaded, giving opportunity for the user to CTRL-C per console instructions and showing you what the script you run is attempting to download on your behalf.


In your example, using my PoC, your command would not know about wget-proxy and would stay

#Wget proxy install#

Your hypothetical user that would blindly follow the Signal install instructions would also blindly follow this too. You say that you’re averse to exposing the templates to the network for security reasons, but from my perspective this is in essence what you’re doing.










