Menu
▾
▴
Re: [Whonix-devel] Development Discussion: Should Network Manager get installed by default?
|
From: adrelanos <adr...@ri...> - 2013-04-01 13:31:58
|
Vladimir Arseniev: > On 04/01/2013 04:05 AM, adr...@ri... wrote: >> [https://sourceforge.net/p/whonix/wiki/Dev_NetworkManager/](https://sourceforge.net/p/whonix/wiki/Dev_NetworkManager/) >> >> URL: http://sourceforge.net/p/whonix/featureblog/2013/04/development-discussion-should-network-manager-get-installed-by-default/ > > It's my impression that network manager (in Ubuntu etc, at least) may > alter various networking settings in order to maintain connectivity. Yes, but not if they are configured with ifupdown in /etc/network/interfaces. According to 13.04 man page http://manpages.ubuntu.com/manpages/precise/en/man5/NetworkManager.conf.5.html (ifupdown plugin) it's still not planed. I believe you mean, that NM can create, manage etc. new interfaces, but they won't write into /etc/network/interfaces and won't involve ifupdown, it uses it's own configuration files. > I've used it with network-manager-openvpn as VPN client, and it's very > intuitive. But I'm not sure that I'd trust it managing Whonix's internal > network interface. Well, in Whonix-Workstation case in worst case it leaks through Tor. Just expanded that page. Quote https://bugzilla.gnome.org/show_bug.cgi?id=689339#c4 > "*Please also understand that currently networkmanager is not a security tool at all. VPN plugins are regarded as connectivity plugins, not security plugins.*" Missing auto-reconnect feature: https://bugzilla.gnome.org/show_bug.cgi?id=349151 So perhaps using NM to set up VPNs for security isn't a good idea. Doesn't look like it has a fail closed mechanism: https://sourceforge.net/p/whonix/wiki/VPN/#fail-closed-mechanism |
