Bugs
From Entuura
Contents |
Critical
CA cert has wrong CRL. Has to be replaced, and the whole network has to be re-configured. To do after Steve is back from Kenya.
Central server must enforce payload naming scheme -- devices should protect themselves, but the central server must also prohibit injection of payloads with evil filenames.
Serious
Low Priority
When updates are processed they are currently downloaded into /tmp. As these files may get very large, this is potentially unsafe. Suggest to use /mnt/usbdrive/ts/tmp if avail. Also perhaps implement some precautionary measures to ensure that a unit with no memory stick does not overload itself with downloaded updates.
Syslog to net does not work (still true?)
Fixed
(I removed old garbage from here, March 2009.)
