Re: make gnome listen on localhost:*

From: Derek Simkowiak <dereks kd-dev com>
To: Elliot Lee <sopwith redhat com>
Cc: gnome-list gnome org
Subject: Re: make gnome listen on localhost:*
Date: Wed, 14 Jun 2000 18:04:19 -0700 (PDT)

	Elliot, I get what you are saying.  If Red Hat / Mandrake /
Stormix / Debian shipped distros with proper ipchains (read: kernel level)
firewall rules set up --so that every single Gnome desktop would be
secured on every port, unless otherwise specified-- then I wouldn't
advocate the use of Unix sockets.

	But they don't.  They ship systems that install running services
(like sendmail, bind, Apache) but are left wide open to the entire world.
ORBit is now one of these holes. (This continues to amaze me)


	Honestly, I wouldn't care if

	System -> Control Panel -> Export CORBA Services

	affected the socket domain, or if it affected ipchains rules.
Either one would be good--and you are correct that a generalized firewall
ruleset solution is better than the ORBit-specific use of Unix sockets.

	If we had a generalized firewall-based solution, we could have

	System -> Control Panel -> Export CORBA Services
	System -> Control Panel -> Enable telnet connections
	System -> Control Panel -> Enable HTTP connections
	System -> Control Panel -> Allow SSH logins
	[...etc..]

	...and it could all use the same generalized mechanism that you
speak of.  That would be cool!

	But given that

1) Distros continue to be shipped wide open

2) ORBit is the biggest security "unknown" as far as Gnome is concerned

3) Using Unix sockets over TCP sockets will not, for the general user,
affect the usability of the desktop

4) We can't depend on ipchains existing (for a firewall-based solution),
because Gnome is supposed to run on all Unix-like environments (not just
Linux)


	...I think using Unix sockets here makes sense.  If the feature
already exists, shipping it as default would require no extra work and
could be done immediately.

	What you are suggesting requires a generalized Glib-like interface
to the underlying O.S.'s TCP/IP security mechanism, so that all supported
O.S.s could be configured to reject packets on the ORBit ports.  Then we
need the GUI options in the Control Panel to be able to configure those
settings.  That's a noble goal and an excellent idea, but for the time
being we should just use Unix sockets.

	When your idea is implemented, we can just start defaulting to TCP
sockets again (if we want to).


--Derek

References:
- Re: make gnome listen on localhost:*
  - From: Elliot Lee

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]