[tor-dev] [Otter/Cute] What's Cute in APAF
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Thu Oct 10 20:39:13 UTC 2013
I'd like to suggest several changes to the implementation strategy for Cute:
* Cute should be an "application" and it must not be for any reason a
virtual machine that's a nerdy/geeky things.
An application has to be distributed trough Mac App Stores, Ubuntu
App Stores, Windows App Stores.
* Cute should not have multiple process running (only a single process,
no LAMP that's difficult to be maintained)
* Cute's Wordpress must use SQLite backend (to keep it selfcontained)
* Wordpress should run over a secure Python sandbox
Assuming the use of APAF, wordpress must be run using php-cgi, with a
sandboxed profie from Twisted
* Use Tor2web for "Edge Cache Nodes", without using other piece of software
It just need to implement caching with
Il 10/10/13 2:02 PM, Michele Orrù ha scritto:
> Dear Team,
> For completeness' sake I am attaching to this email the report I wrote
> week in order to summarize what the project APAF is about, and what
there is in
> common between it and the Otter/Cute proposal.
> Eventually, feel free to add it to the trac page.
> After reading ["Cute" design and challenges], though, I think the
> an exhaustive description of APAF's threat model.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev