On Fri, Nov 5, 2010 at 10:17 PM, Josh Paetzel <jpaet...@freebsd.org> wrote: > On Friday, November 05, 2010 11:48:27 pm Garrett Cooper wrote: > >> > Just to add to that (because I do find it a novel idea), 1) how >> > are you going to properly prevent man in the middle attacks (SSL, TLS, >> > etc?), and 2) what webserver would you use? >> > I bring up the former item because I wouldn't want my data going >> > unencrypted across any wire, and what BSD compatible web servers did >> > you guys have in store and who would maintain the server, and what >> > kinds of vulnerabilities would you be introducing by adding a service >> > which would be enabled by default at runtime? >> >> Sorry -- missed the SSL note. Other questions still outstanding :). >> >> Thanks! >> -Garrett > > Without putting much analysis into it, we talked about using lighttpd, which > is BSDL. As far as another service, it would be running for the install only > which is in most circumstances something that happens locally.
Right. Lighttpd was relatively light and small (but back in the day at my other job at Cisco when I was testing it I remember it ran under 10MB, and the another thing such as Lynx ran about 5MB -- this was on ppc 32 though... MIPS 64-bit was a bit more heavyweight IIRC). Is Lynx a good idea though? It is a GPL tool (and whilst I agree that we shouldn't be really investing any time in modifying the app, FreeBSD tends to shy away from GPL nowadays)... someone else suggested curl, but then you miss out on the visual representation of the installation process :(... Coming up with a short and sweet http client shouldn't be too hard, but it probably would be more error prone than investing in a preexisting client. Thanks, -Garrett _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
