Re: Preferences [Was: a whole lot of other things, too]



Rui Miguel Silva Seabra <rms 1407 org> writes: 
> It's still valid that it should not be enabled by default, for security
> reasons.
> A more reasonable thing to do, would be to have AN OPTION to try to
> detect and use dhcp automatically in the "Networking" gui, and have that
> option DISABLED BY DEFAULT.

But the whole issue here is whether you automatically set up
networking or make people open the network GUI.

The network tool already has a single checkbutton "use DHCP"
 
> auto-firewalling, maybe... but AFTER user has manually selected
> dhcp.
> 
> Networking, unfourtunately, is an environment where danger is
> ubiquitous.

What is the actual attack scenario you are worried about?  Hostile
DHCP servers overflowing a buffer in the DHCP client?

Why would I plug a machine in to an ethernet that potentially contains
hostile DHCP servers? Couldn't such an ethernet also be full of a
million other things that don't require a DHCP client running on order
to mess me up?

Or is the problem that the machine goes on the network at all?  If the
user doesn't plan to be on the network, why is the machine plugged in
to the network?

Security/convenience are always a tradeoff, the question is, what is
the risk analysis in this specific situation. Does doing DHCP
automatically substantially increase risk?

Havoc




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]