Re: make gnome listen on localhost:*



On Wed, 14 Jun 2000, Jim Gettys wrote:

> Fundamentally, you have to get things secure in the first place....

Yes.

> Putting your head in the sand and disabling network access will just
> delay your trouble.

No.

I go back to my example of bind:  The authors of bind do their best to
make bind as secure as possible.  On past experience, they have made a
complete pig's ear of this.  The advice with bind, and indeed any other
network service is "don't run it unless you actually need it".

> So while people may think that people don't run remote applications due
> to the habits ingrained due to PC's, you will be doing so very frequently
> very, very soon.

Brilliant as X's network transparency is, I very rarely find good uses for
it, although I concede that as network speeds increase more things become
possible.

> Gnome should be following X's original vision, that of being able to run
> applications wherever is appropriate, with the display in front of you.
> The missing piece has been remote invocation of the applications (at least
> more than you get with rsh and/or ssh), which is what Gnome is using
> Corba for (along with interface specification). And with the government relaxing
> on strong crypto at last, we can get this done right (only 15 years later
> than I wish we'd been able to, sigh...).

Strong crypto will get around some security issues, but it doesn't change
the fact that the more services you have listening, the greater the
"surface area" visible to an attacker is.

> So I believe the solution is to solve the problem right this time, not
> ducking the problem... Somehow I don't think I want to explain to a naive
> end user that he has to muck with his second machine in some magic way
> to get "the right thing" to happen...

I don't want to have to explain to a naive end user that they have to
upgrade ORBit because a hole has been found on it, and it is listening to
the outside world by default.  "but I don't use ORBit" "but there's
nothing of value on my machine, why wouldn't anyone want to break in?"

Paul