Re: make gnome listen on localhost:*
- From: "Ali Abdin" <aliabdin aucegypt edu>
- To: "Matthew Kirkwood" <weejock ferret lmh ox ac uk>,"Elliot Lee" <sopwith redhat com>
- Cc: "Leland Elie" <datazone airmail net>, <gnome-list gnome org>
- Subject: Re: make gnome listen on localhost:*
- Date: Thu, 15 Jun 2000 19:55:07 +0300
> Yes, and it's nice and easy. But, in this case, it's still
> the wrong way around.
>
> All we want is a safe default and a panel applet which does
> the equivalent of:
>
> dialog --yesno "ADVANCED: Allow communication with\nremote desktops" \
> 15 50 && echo ORBIIOPIPv4=1 >>.orbitrc
>
> This is not about the quality of code in ORBit or GNOME. It
> is about providing an absolutely basic level of security for
> users.
>
> And, for what it's worth, I know zero people who run panel
> applets remotely (which would appear to be the primary use
> of this feature so far) and half a dozen who, independantly,
> have been unimpressed by the output of netstat on a default,
> logged-in Red Hat install.
I think _ONE_ of the reasons that ORBit will /NOT/ disable the inet sockets
thing by default is because if it does it is not following the CORBA
standard. ORBit is a CORBA ORB - if it does not follow the standard what
does it become?
But anyway - if somebody does not like the fact that ORBit uses inet sockets
by default you can feel free to create a program or a 'capplet' called
'Secure ORBit' or something. Then if distro's wish to be security concsious
or whatever they could distribute it by default.
This is not really a GNOME or ORBit issue. ORBit is doing its job by
following the CORBA standard. GNOME is doing its job by using ORBit and
CORBA.
I do not advocate one way over the other. I'm just saying - it does not like
Sopwith is going to budge on this matter and instead of arguing about it
(and spamming my mailbox) you could just 'be effective' and code something
up and distribute it
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
