Re: make gnome listen on localhost:*

[Elliot Lee <sopwith redhat com>]

On Wed, 14 Jun 2000, Derek Simkowiak wrote:

> -> So while people may think that people don't run remote applications due
> -> to the habits ingrained due to PC's, you will be doing so very frequently
> -> very, very soon.
> 
> 	Not *that* soon.  Gnome apps will reside locally for the next
> couple of years, at least.  DSL will need to be the standard (rather than
> the exception) before running an app via CORBA objects will be as
> practical as running an app via the localhost.
>
> 	CORBA acrossed a 33.6K AOL dialup (the most common desktop user)
> is just impractical.

This sweeping generalization is irrelevant to the problem. (There are a
lot of uses of CORBA that don't require any faster a connection than any
other dialup uses do, and in any case, no matter what they are using it
for, they shouldn't have to sacrifice usability for security. By the time
the proposed solution actually got out to the user, CORBA-over-the-network
would be a lot more widespread, meaning the real problem still existed and
your 2-penny "solution" had accomplished nothing).

> -> So I believe the solution is do solve the problem right this time, not
> -> ducking the problem...
> 
> 	Ah yes... let's just pretend that there are no holes in ORBit and
> that exploits won't be found-- therefor, we can keep ourselves open to the
> world at large.  (That's ducking the problem if I ever heard it :)

Ah yes, let's just pretend that there is no solution possible, and so just
not bother trying to fix actual problems. That way the software will
definitely remain insecure, and we won't ever have a hope of getting the
software useful in a networked environment.

But that's OK - who cares about usability as long as the computer is
"secure"?

-- Elliot