Re: Security (was: make gnome listen on localhost:*)

From: Derek Simkowiak <dereks kd-dev com>
To: jgotts linuxsavvy com
Cc: gnome-list gnome org
Subject: Re: Security (was: make gnome listen on localhost:*)
Date: Wed, 14 Jun 2000 16:00:21 -0700 (PDT)

-> >	Just turn the crap off. 
[...]
-> >default it to Unix sockets instead of TCP/IP sockets
[...]

-> "An ORB [object request broker, the fundamental part of CORBA] must support
-> IIOP [the Internet [TCP/IP] Inter-ORB Protocol] (but can support other
-> additional protocols) in order to be considered to be CORBA 2.0 compliant."
-> 
-> - _Teach Yourself CORBA in 14 Days_ by Jeremy Rosenberger.
-> 
-> "Support" means turned on by default.  I think you might need to do some more
-> reading.


	Where did you get that definition of "Support"?  My interpretation
of "support" is that TCP/IP has to be *possible*, not "turned on by
default".  If you read my email, you'll notice I suggested that TCP/IP
"support" be left in ORBit.

	Presuming that all Gnome applications will use ORBit for their
inter-application communication, Unix sockets would work fine for the
desktop while greatly reducing the risk of security holes.  If people want
to use ORBit for non-Gnome stuff (like actual distributed applications),
let them turn on TCP support.  At least then they'll have a clue to
upgrade when a major buffer overflow is discovered in ORBit.


--Derek

References:
- Re: Security (was: make gnome listen on localhost:*)
  - From: John Gotts

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]