Hi Loye, On Wed, 4 Jul 2007 01:43:49 pm Loye Young wrote: > On Tuesday, July 3, 2007 5:14:29 pm Kel Modderman wrote: > > Does the emphasis on "waaayyyyy" indicate you want it moved somewhere > > else? > > My personal feeling is that it should be in a more natural place to look > for it, and that security issues should be more prominent. At the bottom of > a file dealing with modes of operation seems not intuitive. Why not just > give the security issues their own README.security (or similar)?
Sure, that would be good. > > > We'd have to provide the generic group "wheel" too. I think that is not > > going to happen. > > I was of course using the example the documentation provided. Perhaps > creating a group "wireless" might not be a terrible idea, though. We already provide the group "netdev". > > > README.modes suggests perms of 0600 because it describes use cases where > > wpa_supplicant is started as system daemon (by root) only. > > Yes, that's right. The question is "What should be the recommended security > precautions?" Once that's decided, sensible defaults should be set up and > the documentation conformed. Please draft something based on 3) below. The admin could use the "netdev" group if required, or create a group of his own naming, and would have to create/set permissions for any config files required. > > I see three options: > (1) Set file permissions to 660 as default, with owner=root and group=root. > Run as a system daemon, it would operate the same as 600. Run as a user > application with a special group for wireless users, as the documentation > suggests, it would automatically work when the sys admin followed the > directions. > (2) Keep file permissions the way they are, but add lingo to the > documentation telling the sys admin to change the file permissions if he > wants to allow one or more users to configure wireless without giving them > su powers. (3) Set file permissions to 660, owner=root, group=wireless. Run > as a system daemon, without any user in the wireless group, it's the same > as 600. If the sys admin wants one or more users to be able to configure > the wireless connection, he simply adds the users to the wireless group. > > My choice is number 3. Carrying a laptop around inevitably requires > configuring the wireless settings for various local wireless network, and > it's hard to predict in advance what is going to be required. Inevitably, > the sys admin will have to give some sort of enhanced privileges to the > user carrying the laptop. If the sys admin and the user are the same > person, our buddy sudo does the trick and it's no big deal. But if the sys > admin is in the IT department and the user is some salesman or consultant > schlepping around in hotels and airports, the better part of valor would be > to set up a wireless group and put the hapless users in that group. Option > 3 would be a sensible default for file permissions, and reduce the number > of configuration steps, no matter what the sys admin decided. wpasupplicant package does not provide a "/etc/wpa_supplicant.conf" (or any config file of that sort) anymore, therefore cannot provide default permissions for that file or any other that we don't provide. All we can provide is words of wisdom. /etc/network/interfaces is provided by another package, wpasupplicant has nothing to do with it, and never will directly. Other applications such as Network Manager govern wpa_supplicant via dbus with security policy allowing people in "netdev" group be involved. > > To carry it a step farther, the install script could ask which users should > be in the "wireless" group, providing a list of users to select among. Thanks, Kel. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

