Fedora Core 4 Test Update: NetworkManager-0.5.1-1.FC4.1

[David Woodhouse]

On Tue, 2006-01-10 at 13:26 -0500, Peter Jones wrote:
> The premise here is obviously that he's not connected to the RH network
> except when he's logged in as his user, and the other users neither
> neither use his account nor access his laptop remotely.

We are assuming that these users are not acting maliciously, and that
their accounts have not been compromised. But if we're making that
assumption, then it doesn't actually matter much if they _do_ have
access, does it?

Yes, having the key be per-user in NM does prevent other users from
_deliberately_ (or even accidentally) using it when the 'authorised'
user isn't currently logged in. But the 'per-user' nature of the
connection is just an illusion -- in the case where the other user's
account is compromised by a trojan or an SSH worm, the VPN 'solution'
still allows that infection to propagate through the VPN connection. 

Other methods of connection like SSH don't allow that to happen, because
they really _are_ per-user, while network connectivity in practice is
not.

> I think we all agree that WEP keys should at least have the option of
> being global. 

Do we? I reported this fault when a NetworkManager package in
updates-testing started asking me for a password, and that package still
went into FC4 updates-released -- and it's still not fixed in rawhide
either.

If we all agree, shall we make bug #174467 a FC5Blocker then?

>  Let's all stop being didactic, argumentative lunatics
> about our reasons why they should have some other mode as well.

I assume that's directed at GNOME folks rather than myself, as I've
never said it shouldn't allow a per-user option.

I just questioned the value of the per-user mode in the real world.

Yes, I accept that you can find some weird situations in which it makes
sense, so it should be possible -- but it certainly shouldn't be the
_default_, let alone the _only_ mode available.

-- 
dwmw2