Re: make gnome listen on localhost:*



On Wed, 14 Jun 2000, Elliot Lee wrote:
> On Thu, 15 Jun 2000, Paul Warren wrote:
> 
> > > The reason I hate the suggested type of solution is because it is a hack
> > > that only works for a very special set of apps, 
> > 
> > You mean apps run locally?  That's not a particularly special set for you
> > average one-box desktop user.
> 
> No, I mean "apps that use ORBit" as a special set.
> 
> People are suggesting turning off TCP/IP for apps-that-use-ORBit, and then
> they'll submit patches to turn off networking for apps-that-use-foobar,
> and then yet another set will come along, and your previous solutions
> won't cover that.

I would expect all the "foobars" to come with no listening services by
default, and a simple mechanism to turn them on.  By default, a
computer should not be offering services by Corba to the world at large
whether I have a firewall or not.

I find this "we don't have to worry about security because everyone will
be running a firewall" deeply worrying, and so do several other people on
this list, it would appear.

> > > A proper firewall setup will catch everything, 
> > 
> > Where do you propose putting this firewall?  On the box running Gnome
> > (this is where Joe Average with his one box will have to put it)?  If so,
> > then what's the point of having the port open in the first place?
> 
> The point is how the access control is implemented, and having one
> solution that covers a wide variety of security problems is a lot more
> effective than a bunch of band-aid solutions.

Turning on network listening is a pretty basic piece of functionality -
hardly a "band-aid" solution.

> > BTW, if you are suggesting that we should all be running firewalls
> > that prohibit listening on high numbered ports
> 
> > then you're going to break passive mode FTP
> 
> For the desktop user? Your in-depth knowledge of networking continues to
> amaze me...

YES!! Do you know how passive mode FTP clients work?  I'll give you a
clue: it involves setting up listening sockets on the *client* machine to
receive data transfers.

> > and possibly other stuff, and the average desktop user will fix this
> > by... turning off the firewall.
> 
> This is only because the existing firewall setups are primitive and
> limited, which are things that a proper solution would fix.

Firewalls are, by their nature, very low level.  They do not care about
what the packets are being used for.  It would be impossible to use a
firewall to allow passive mode FTP clients, but disallow connections to
ORBit/other services that you can't be bothered to turn off by default.

> > > Is anyone interested in coming up with "the proper solution" that sets 
> > > a safe default config and makes it easy to make changes? I might be
> > > interested in helping with such a thing.
> > 
> > You mean an option for the control-center to turn on the network
> > functionality for ORBit, right?
> 
> I'm thinking more like an option to add you to procmail filtering, at this
> point... :)

That'll really help, won't it?  

Paul
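The distinction the thread keeps circling, a service bound to the loopback interface versus one bound to every interface, and the check a practitioner would run to see which of the two a desktop is actually doing, as an added example that is not part of the original message and not ORBit or GNOME code. It assumes a Linux host whose /proc/net/tcp uses the kernel's little-endian hex layout for local_address; the table lines it parses are constructed, not captured from a real machine.

```python
import ipaddress
import socket

# TCP state code used in /proc/net/tcp for a listening socket
# (the Linux kernel's TCP_LISTEN, rendered as hex "0A").
TCP_LISTEN = "0A"


def make_listener(loopback_only, port=0):
    """Open a listening TCP socket either on loopback only (127.0.0.1) or on
    every interface (0.0.0.0, i.e. INADDR_ANY). port=0 lets the kernel pick
    an ephemeral port, so the example runs without clashing with anything."""
    host = "127.0.0.1" if loopback_only else "0.0.0.0"
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((host, port))
    sock.listen(5)
    return sock


def parse_addr(field):
    """Decode one 'XXXXXXXX:PPPP' field from /proc/net/tcp. The address is a
    32-bit value in host byte order (little-endian on x86, assumed here), so
    0100007F is 127.0.0.1; the port is plain big-endian hex."""
    host_hex, port_hex = field.split(":")
    addr = ipaddress.IPv4Address(int.from_bytes(bytes.fromhex(host_hex), "little"))
    return addr, int(port_hex, 16)


def exposed_listeners(proc_net_tcp_text):
    """Return (address, port) for every LISTEN socket that is not bound to the
    loopback interface, i.e. every service reachable from the network."""
    exposed = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # first line is the header
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue
        addr, port = parse_addr(fields[1])
        if not addr.is_loopback:
            exposed.append((str(addr), port))
    return exposed


# Constructed sample in /proc/net/tcp layout (hypothetical, not from a real host):
# a service on 127.0.0.1:631, a service on 0.0.0.0:43200 (reachable from the
# network), and one established connection that is not a listener at all.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 21345 1 0000000000000000 100 0 0 10 0
   1: 00000000:A8C0 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 21346 1 0000000000000000 100 0 0 10 0
   2: 0100007F:A8C1 0100007F:0277 01 00000000:00000000 00:00000000 00000000  1000        0 21347 1 0000000000000000 20 4 30 10 -1
"""

if __name__ == "__main__":
    for addr, port in exposed_listeners(SAMPLE_PROC_NET_TCP):
        print(f"reachable from the network: {addr}:{port}")
    # On a live Linux host the same check runs over the real table:
    #   with open("/proc/net/tcp") as f:
    #       print(exposed_listeners(f.read()))
    safe = make_listener(loopback_only=True)
    print("loopback-only listener bound to", safe.getsockname())
    safe.close()
```

Only the address part of the bind decides exposure: a firewall rule on the same box can hide a 0.0.0.0 listener, but the socket is still offered to every interface, which is why the check above reports on the bind address rather than on reachability.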
