Ethereal-dev: Re: Disector categories (Re: [Ethereal-dev] Priv sep in ethereal)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Stephen Samuel (leave the email alone)" <samnospam@xxxxxxxxxxx>
Date: Fri, 11 Feb 2005 17:55:51 -0800
It sounds like a good idea, although it should always be optional
( I.E. 'Just this once, | Always | Always Ask Me | Never' )

Given how ethereal is used, you can't always trust the network
you're on to be usable (or even trusted).

I'm guessing that you'd also have to have/add versioning to the
data stored about dissectors.

Gerald Combs wrote:
> We can currently keep global and per-user lists of disabled protocols.
> Could we use that as a basis for {en|dis}abling protocols according to
> their level of trust?
>
> Also, would it be helpful to have Ethereal fetch a list of known bad
> dissectors via the web at startup and give the user the option of
> disabling them, similar to the security check Firefox performs at startup?
>
> Gilbert Ramirez wrote:
>
>>No, not defeatist, just realist, considering the current method of
>>Ethereal development. But when I wrote that I didn't realize that the
>>suggestion was a formal code auditing procedure. I agree; with that in
>>effect, the categories would be "audited" and "not-yet-audited", which
>>is more useful.


--
Stephen Samuel +1(604)876-0426             samnospam@xxxxxxxxxxx
		   http://www.bcgreen.com/
   Powerful committed communication. Transformation touching
     the jewel within each person and bringing it to light.