Changeset 85d7b85 for doc/README


Ignore:
Timestamp:
2008-04-02T14:22:57Z (17 years ago)
Author:
Jelmer Vernooij <jelmer@…>
Branches:
master
Children:
f9dbc99
Parents:
875ad42 (diff), dd34575 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merge trunk.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • doc/README

    r875ad42 r85d7b85  
    4242directory is read-/writable by this user only.
    4343
     44--- (Fork)Daemon mode
     45
     46If you don't want to run any inetd daemon, you can run BitlBee in Daemon
     47mode. Right now, daemon mode may be a bad idea on servers with multiple
     48users, since possible fatal BitlBee bugs will crash the BitlBee process and
     49disconnect all connected users at once. Instead, you can use ForkDaemon
     50mode, which serves every user from a separate process, without depending on
     51an inetd daemon.
     52
     53To use BitlBee in daemon mode, just start it with the right flags or enable
     54it in bitlbee.conf. You probably want to write an init script to start
     55BitlBee automatically after a reboot. (This is where you realise using
     56a package from your distro would've been a better idea. :-P)
     57
    4458
    4559DEPENDENCIES
     
    4761
    4862BitlBee's only real dependency is GLib. This is available on virtually every
    49 platform. Any recent version of GLib (including 1.x versions) will work.
     63platform. Any recent version of GLib (2.4 or higher) will work.
    5064
    5165These days, MSN Messenger clients have to connect to the MS Passport servers
     
    155169====================
    156170
    157 BitlBee stores the accounts and settings (not your contact list though) in
    158 some sort of encrypted/obfuscated format.
    159 
    160 *** THIS IS NOT A SAFE FORMAT! ***
    161 
    162 You should still make sure the rights to the configuration directory and
    163 files are set so that only root and the BitlBee user can read/write them.
    164 
    165 This format is not to prevent malicicous users from running with your
    166 passwords, but to prevent accidental glimpses of the administrators to cause
    167 any harm. You have no choice but to trust root though.
     171There used to be a note here about the simple obfuscation method used to
     172make the passwords in the configuration files unreadable. However, BitlBee
     173now uses a better format (and real encryption (salted MD5 and RC4)) to store
     174the passwords. This means that people who somehow get their hands on your
     175configuration files can't easily extract your passwords from them anymore.
     176
     177However, once you log into the BitlBee server and send your password, an
     178intruder with tcpdump can still read your passwords. This can't really be
     179avoided, of course. The new format is a lot more reliable (because it can't
     180be cracked with just very basic crypto analysis anymore), but you still have
     181to be careful. The main extra protection offered by the new format is that
     182the files can only be cracked with some help from the user (by sending the
     183password at login time).
     184
     185So if you run a public server, it's most important that you don't give root
     186access to people who like to play with tcpdump. Also, it's a good idea to
     187delete all *.nicks/*.accounts files as soon as BitlBee converted them to the
     188new format (which happens as soon as the user logs in, it can't be done
     189automatically because it needs the password for that account). You won't
     190need them anymore (unless you want to switch back to an older BitlBee
     191version) and they only make it easier for others to crack your passwords.
    168192
    169193
     
    174198file COPYING for this license.
    175199
    176 Unfortunately some parts of the Gaim Jabber plugin (most notably the XML
    177 code) were licensed under the MPL (Mozilla Public License) version 1.1. We
    178 could not relicense this code under the GPL. As such it is still licensed
    179 under the MPL. The parts of the code to which this applies are marked as
    180 such.
    181 
    182 The MPL is provided in the file MPL-1.1.txt. This license is not GPL
    183 compatible. It is however a free software license.
    184 
    185 Another part (the md5 algorithm) is licensed under the Aladdin license.
    186 This license can be found in the files, to which this applies.
     200The MD5 algorithm code is licensed under the Aladdin license. This license
     201can be found in the files, to which this applies. The SHA1 algorithm code
     202is licensed under the Mozilla Public License, see http://www.mozilla.org/MPL/
     203for details.
    187204
    188205The Yahoo! library used by BitlBee is libyahoo2 <http://libyahoo2.sf.net/>,
     
    192209        BitlBee - An IRC to other chat networks gateway
    193210                  <http://www.bitlbee.org/>
    194         Copyright (C) 2002-2005  Wilmer van der Gaast <wilmer@gaast.net>
     211        Copyright (C) 2002-2007  Wilmer van der Gaast <wilmer@gaast.net>
    195212                                 and others
Note: See TracChangeset for help on using the changeset viewer.