Re: [Tails-dev] disabling MAC spoofing by default in VM's [W…

Delete this message

Reply to this message
Autore: intrigeri
Data:  
To: The Tails public development discussion list
Vecchi argomenti: Re: [Tails-dev] [RFC] Design (and prototype) for MAC spoofing in Tails
Oggetto: Re: [Tails-dev] disabling MAC spoofing by default in VM's [Was: [RFC] Design (and prototype) for MAC spoofing in Tails]
Hi,

(Splitting into per-topic sub-threads to make the discussion easier
to follow.)

anonym wrote (21 Nov 2013 05:58:37 GMT) :
> As pointed out in a different part of this thread, some virtual machines
> don't like MAC spoofing at all (e.g. in VirtualBox networking breaks
> completely for NAT- and bridge-based adapters). Therefore I also made
> T-G check if we're running in a virtual machine, and if so it changes
> the default to *disable* MAC spoofing. For more info, see the blueprint,
> section "MAC spoofing and virtual machine networking issues".
> Furthermore, if the user checks the MAC spoofing box, a warning is
> shown. The warning disappears if the box is unchecked, which is unlike
> the warning shown when the admin passwords mismatch, which never removes
> the warning. For greater consistency, I also made the latter warning
> disappear once once changes any of the password entries, which I think
> is a general improvement.


I'm concerned about the impact on our test suite: it seems suboptimal
to (automatically) test code paths that are different from the ones
most users will go through. IIRC we're setting a kernel cmdline
parameter when running the test suite, so perhaps this changing of
defaults could be disabled when a testing environment is detected?
(Assuming the libvirt/qemu stack we're using is not affected by the
same issues as VirtualBox.)

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc