How about just putting up an advisory message that says something like:
"This is a one-time pause to generate a special key to ensure security in Squeak Etoys"
I.e. just tell the end-user what you are doing. This will be sufficient for this build. (And the division by 5 sounds good.)
Cheers,
Alan
At 11:33 AM 10/20/2006, Yoshiki Ohshima wrote:
Hello,
Well, Michael is a bit unsure ;-)
Wow, hehe.
The key might still be in use for signing projects when publishing. If you download a project that was signed with your own key, the sandbox is not switched on. So having a single key for all users would be bad, because everyone would be trusted. Having no key means everyone would be distrusted, which is what we want I think.
We would have to test if projects are still interchangeable between machines with and without key (remember to remove the key from the secure directory). It might be that some file offset changes if the key is taken out.
By looking at the code that guesses the time to generate. It is really a guess. An aspect of it is that we can show for B-Test users that we honors security, and one time overhead of 90-120 seconds is not that bad for that.
I might vote for change the coefficient in the guess expression facter of 5 and limit the number display by 99%, and we keep the preference on.
-- Yoshiki
- Bert -
Am 20.10.2006 um 14:05 schrieb Scott Wallace:
I'll ask Andreas about this later today.
Meanwhile, perhaps Bert could speak with Michael about it as well.
Couldn't hurt to have the advice of the world's two leading authorities on this subject...
Cheers,
-- Scott
On Oct 19, 2006, at 1:32 PM, Yoshiki Ohshima wrote:
Anyway... it appears that disabling the #automaticKeyGeneration preference keeps the key-generation from happening at start-up, yet still allows publishing and loading projects, and still uses MySqueak as the default directory. Maybe that's all that's needed.
I would think so. Did you try to load a project published from an image in a directory into another image in another directory?
Or perhaps, for this build, would it make sense simply to include a pre-built squeak.keys file alongside the image, and not otherwise tamper with the security settings?
Yeah, I thought about this but I think it adds unnecessary complication.
-- Yoshiki _______________________________________________ Etoys mailing list Etoys@laptop.org http://mailman.laptop.org/mailman/listinfo/etoys
Etoys mailing list Etoys@laptop.org http://mailman.laptop.org/mailman/listinfo/etoys
Etoys mailing list Etoys@laptop.org http://mailman.laptop.org/mailman/listinfo/etoys
Etoys mailing list Etoys@laptop.org http://mailman.laptop.org/mailman/listinfo/etoys