- From: Lennart Poettering <mztabzr 0pointer de>
- To: desktop-devel-list gnome org
- Subject: Re: Platform
- Date: Wed, 27 May 2009 03:06:11 +0200
On Thu, 21.05.09 11:36, Matej Cepl (mcepl redhat com) wrote:
> Stefan Kost, Mon, 18 May 2009 22:39:21 +0300:
> > Now that apple has closed the whole bonjour stack, I would prefer to
> > build on upnp. We have gupnp, which is actively developed and fitting
> > nicely here.
> a) Nothing can be more closed than closed ... which Microsoft's UPNP
Not true. For both technologies there is freely available
documentation. The UPnP docs suck ass though, apparently. ;-)
> b) UPNP is known security threat and the only sensible advice to
> anybody> caring a bit about security is to switch it off (on Windows, don't know
> the situation on Linux).
I am pretty sure that Avahi is much more careful when it comes to
security than the average upnp implementation, but generally the lower
layers of upnp and mdns are equally safe or unsafe.
The bad security record of UPnP stems from UPnP IGD which allows you
to reconfigure routers and does provide no authentication. But if
you'd build a similar technology on top of mDNS/DNS-SD it wouldn't be
Lennart Poettering Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/ GnuPG 0x1A015CC4
] [Thread Prev