Security (was: make gnome listen on localhost:*)

From: Derek Simkowiak <dereks kd-dev com>
To: Elliot Lee <sopwith redhat com>
Cc: Paul Warren <pdw ferret lmh ox ac uk>, gnome-list gnome org
Subject: Security (was: make gnome listen on localhost:*)
Date: Wed, 14 Jun 2000 13:50:36 -0700 (PDT)

-> > > Or install a firewall, or set up TCP Wrappers properly.
-> > 
-> > The less technically minded will not know how to do this, or understand
-> > why they need to.
-> 
-> That is what the Gnome project exists to fix... :)

	Turning an /etc/inetd.conf into GUI buttons doesn't solve the
problem.

	The average non-technical user doesn't understand the *concept* of
a firewall, or even networking.  No matter how good your GUI is, if you
don't understand what a wrapper is or why you would need one, you'd never
even know that you need to configure your ipchain rules (let alone know
how to configure them correctly).

	Many of us Unix users are so entrenched in computer technology
that we don't realize most of the users --people to want to send/receive
email, and shop online-- don't know the difference between their monitor
and their CPU.  Of course they need to learn some things (like the
difference between their monitor and CPU :) but asking them to understand
TCP/IP security is unfair and unwarranted.

	Just turn the crap off.  If you know enough to want to offer
network services, you know enough to turn them on.  Regarding Orbit,
default it to Unix sockets instead of TCP/IP sockets (with TCP/IP sockets
an option for those people who really need to share CORBA objects).


--Derek

Follow-Ups:
- Re: Security (was: make gnome listen on localhost:*)
  - From: John Gotts

References:
- Re: make gnome listen on localhost:*
  - From: Elliot Lee

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]