Re: Platform

From: Lennart Poettering <mztabzr 0pointer de>
To: desktop-devel-list gnome org
Subject: Re: Platform
Date: Wed, 27 May 2009 03:06:11 +0200

On Thu, 21.05.09 11:36, Matej Cepl (mcepl redhat com) wrote:

> Stefan Kost, Mon, 18 May 2009 22:39:21 +0300:
> > Now that apple has closed the whole bonjour stack, I would prefer to
> > build on upnp. We have gupnp, which is actively developed and fitting
> > nicely here.
> 
> a) Nothing can be more closed than closed ... which Microsoft's UPNP
> IIRC.

Not true. For both technologies there is freely available
documentation. The UPnP docs suck ass though, apparently. ;-)

> b) UPNP is known security threat and the only sensible advice to
> anybody> caring a bit about security is to switch it off (on Windows, don't know 
> the situation on Linux).

I am pretty sure that Avahi is much more careful when it comes to
security than the average upnp implementation, but generally the lower
layers of upnp and mdns are equally safe or unsafe.

The bad security record of UPnP stems from UPnP IGD which allows you
to reconfigure routers and does provide no authentication. But if
you'd build a similar technology on top of mDNS/DNS-SD it wouldn't be
any better.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4

References:
- Platform
  - From: Shaun McCance
- Re: Platform
  - From: Stefan Kost
- Re: Platform
  - From: Matej Cepl

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]