Re: make gnome listen on localhost:*

From: Derek Simkowiak <dereks kd-dev com>
To: Paul Warren <pdw ferret lmh ox ac uk>
Cc: Elliot Lee <sopwith redhat com>, gnome-list gnome org
Subject: Re: make gnome listen on localhost:*
Date: Wed, 14 Jun 2000 13:43:39 -0700 (PDT)

-> > > As Gnome becomes more popular on desktops with permanent network
-> > > connections, you can be sure that this will become a popular breakin
-> > > route.
-> > 
-> > So unplug it from the network - there are plenty of other more interesting
-> > network services to choose from if you want to break in. 

	Maybe it's just me, but this statement seems incredibly dangerous
and ignorant.  I read that as "Why should we secure Orbit, there are
plenty of other things people can use to break in."  (?!)


-> > Or install a firewall, or set up TCP Wrappers properly.
-> 
-> The less technically minded will not know how to do this, or understand
-> why they need to.

	I agree about the less technically minded folks.  I think the
Gnome target audience includes people from the I-Mac target audience.
"Firewall? TCP?  Wrappers?  Install something?  What does that mean?"


-> to be serving up anything which I have not deliberately and explicitly
-> turned on.

	Now if this small bit of common sense would only make it to the
Linux distro management people...

	Every network service should be turned OFF by default.  If you
want to serve telnet, web, etc. then you should have to explicitly turn
that crap on.  Installing Apache (et. al) by default is cool; just don't
turn it on by default!

	At least then you'll KNOW that you're opening a door to your
system (and won't be left wondering why you were made vulnerable to a
security exploit for a service you never even used).


-> installation.  It (and any other services) should be turned on only by
-> people who understand what they are doing, and undertake to keep it up to
-> date and secure.

	Oops... didn't realize that had already been said :)


-> couple of years ago.  This has lead to some colleges banning Linux
-> machines from being connected to the network.

	Speaking as an administrator: As long as the popular Linux distros
ship with network services enabled by default, banning those distros from
your campus network is not a bad idea.  The last thing an admin wants is a
bunch of inexperienced newbies offering network services that they don't
understand, can't configure, and won't maintain.

	Of course I love Linux, but the current state of "default"
installations really bugs me.

	In regards to Orbit, I see it as Yet Another Unwarranted Service
that will be turned on.

	Don't you think that, if I wanted to offer a CORBA object to
other machines, I would know that I needed to explicitly turn on CORBA
services?  And if I have to turn it on, I'll know to upgrade it when a
security patch comes out.

-> that does not mean that it should be listening by default.  The OpenSSH
-> code went through the rigorous OpenBSD security procedures, but a fairly

	The SSH history is such a great example of why ports should be
closed, unless they are explicitly needed.

	I read an email on one of the lists that said there was an Orbit
configuration option (was it compile-time or run-time?  Don't remember)
that would use a local Unix socket (PF_UNIX) instead of a TCP/IP stream
(PF_INET).

	Assuming that's true: for god's sake, make the default Unix
sockets!  How many Gnome users (experienced or otherwise) really need to
export their CORBA objects to other computers?

	CORBA may make a great substitute for COM, but since Orbit is
being used in Gnome for desktop applications (and not distributed
computing problems) keeps those ports closed!

</RANT>


--Derek

P.S.> I'm glad to hear about the audit...

Follow-Ups:
- Re: make gnome listen on localhost:*
  - From: Wandered Inn
- Re: make gnome listen on localhost:*
  - From: Sean Murphy

References:
- Re: make gnome listen on localhost:*
  - From: Paul Warren

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]