[tor-dev] [Otter/Cute] What's Cute in APAF
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Thu Oct 10 20:39:13 UTC 2013
Cool!
I'd like to suggest several changes to the implementation strategy for Cute:
* Cute should be an "application" and it must not be for any reason a
virtual machine that's a nerdy/geeky things.
An application has to be distributed trough Mac App Stores, Ubuntu
App Stores, Windows App Stores.
* Cute should not have multiple process running (only a single process,
no LAMP that's difficult to be maintained)
* Cute's Wordpress must use SQLite backend (to keep it selfcontained)
* Wordpress should run over a secure Python sandbox
Assuming the use of APAF, wordpress must be run using php-cgi, with a
sandboxed profie from Twisted
http://stackoverflow.com/questions/14541813/python-twisted-render-php
* Use Tor2web for "Edge Cache Nodes", without using other piece of software
It just need to implement caching with
https://github.com/globaleaks/Tor2web-3.0/issues/29
Fabio
Il 10/10/13 2:02 PM, Michele Orrù ha scritto:
> Dear Team,
>
> For completeness' sake I am attaching to this email the report I wrote
last
> week in order to summarize what the project APAF is about, and what
there is in
> common between it and the Otter/Cute proposal.
> Eventually, feel free to add it to the trac page.
>
> After reading ["Cute" design and challenges], though, I think the
report lacks
> an exhaustive description of APAF's threat model.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20131010/f8d1254f/attachment-0001.html>
More information about the tor-dev
mailing list