On Mon, Jan 21, 2013 at 5:25 PM, intrigeri <intrigeri@???> wrote:
> Adding Maxim to the list of recipients (Maxim: in case you don't read
> tails-dev anymore, please go read the email I'm replying to in the
> list archives :)
Hi, I'm subscribed to the list, just a bit busy lately. I intended to
reply, but you were first to do so. :)
My problem with adrelanos' proposal is that it goes with the
system-as-a-blackbox approach, resulting in too many patch
possibilities like this one. It is suitable to Whonix, because it does
more or less treat the “inner” OS as a blackbox, but Liberté uses a
bottom-up approach, where every utility and application is vetted and
(hopefully) properly configured. So /etc/hostname
(/etc/conf.d/hostname in Liberté) can be potentially disclosed via
DHCP requests, but dhcpcd has been configured to avoid that (and I
actually had to update its configuration between 4 and 5 branches for
that reason). Username can be disclosed by SSH, but Liberté has “User
root” in ~/config/ssh/config. I don't think hostname in /etc/hosts can
leak somewhere, but will be glad to be proven wrong on that.
So in summary, I am all for making leaked information homogeneous, but
only if there is actual possibility of leaks. Otherwise, it hurts
usability.
--
Maxim Kammerer
Liberté Linux:
http://dee.su/liberte
