Ticket #97 (new defect)

Opened 3 years ago

Last modified 2 years ago

configure the access models

Reported by: lars Owned by: lars
Priority: normal Milestone: Wishlist
Component: live-cd Version: svn
Severity: normal Keywords:
Cc:

Description (last modified by age) (diff)

open:

  • webdav (?)
  • ftp (??)

Attachments

Change History

Changed 3 years ago by lars

  • component changed from debian-package to live-cd

Changed 3 years ago by age

  • description modified (diff)
  • milestone changed from Release 0.3 to cryptobox-server 0.3.1

Changed 3 years ago by lars

  • milestone changed from cryptobox-server 0.3.1 to cryptobox-livecd 0.3.0

Changed 3 years ago by lars

  • milestone changed from cryptobox-cd 0.3.1 to cryptobox-cd 0.3.x

Changed 3 years ago by age

  • milestone changed from cryptobox-cd 0.3.x to cryptobox-cd 0.4.x

maybe next time..

Changed 3 years ago by age

  • version changed from 0.3 to svn
  • milestone changed from cryptobox-cd 0.4.x to cryptobox-live-cd 0.4.0

I would prefer webbdav as the CryptoBox would be fully accessable via webfrontend then.

Changed 3 years ago by lars

isn't it read only instead of fully accessible?

users still have to use their OS-specific network browsing tools to gain write access to the data - or did I miss something?

Changed 3 years ago by age

webdav = rw-access

Changed 3 years ago by lars

yes - you are right. But I think, that this is not the point: if a user wants to _write_ something to a webdav network ressource, then he/she has to:

  • *nix - use konqueror/nautilus/whatever to connect to the webdav ressource
  • windows - use the "network neighbourhood" to map the network drive
  • mac - ... I do not know ...

As far as I know, common web browsers can just _read_ the content.

Am I wrong?

Changed 3 years ago by age

(please, it's not a matter of being right, it's whether we want to implement feature xy or not)

Only reading webdav content via Browser might be cool for being in a hurry. But that's not the point.

Webdav is easy to use from the earliest Mac OSX on, don't know before. Linux users with Gnome & KDE have luck, too. I guess one screenshot and they are all on the way without needing extra software, than usually installed.

On MS OSes the difficulties to write via webdav or samba are imo equal. I guess there is no easier way to give write access at all. So this users don't get an enhancement but a second choice.

My personal summary. It's worth to give Cryptobox users a second way of accessing the volumes. And webdav won't hurt - from security point of view and from implementation support. What do you think about the last to points?

Other question is: Which access do we also want to provide? I would prefer unison (rsnyc over ssh) as it also fits a backup solution. FTP not. Pure ssh/scp/sftp neither. Anything else?

Changed 3 years ago by lars

hehe - we are talking about different things: there is nothing wrong with webdav - I was just afraid, that you are mixing things up (web browser: fully accessible != read only).

my list of preferences:

  • webdav - yes
  • ftp - no - it is not safe, as people have to copy files back and forth to/from their (non-encrypted) desktop computer, if they want to use them
  • scp - no - see above
  • unison/rsync - no - see above

Special circumstances may - of course - invalidate my assumptions about security. But IMO, the target audience of the CryptoBox does not know anything about ftp/scp/rsync/unison.

Of course, whoever wants to write the appropriate plugins and wants to integrate the service, should just do it.

But I would prefer (for now) to enable only samba and webdav by default.

Changed 2 years ago by lars

  • milestone changed from cryptonas-live-cd 0.4.0 to Wishlist

Add/Change #97 (configure the access models)

Author



Change Properties
<Author field>
Action
as new
as The resolution will be set. Next status will be 'closed'
to The owner will change. Next status will be 'new'
The owner will change to anonymous. Next status will be 'assigned'
 
Note: See TracTickets for help on using tickets.