Re: make gnome listen on localhost:*



> I find this "we don't have to worry about security because everyone will
> be running a firewall" deeply worrying, and so do several other people on
> this list, it would appear.
> 
> > > > A proper firewall setup will catch everything, 

Just think about windows: Lots of security problems appear every now and then,
and some of them could be avoided by a properly set up firewall. Firewalls
exist for windows platform. Does that make the majority of windows machines
secure? NO!! Not everyone is running firewalls, and even if they were, I think
programs should be tightly secured, as relying solely on a firewall is useless.

If we were to rely solely on a single security mechanism, we wouldn't have any 
need for shadow password files, and to "SU_WHEEL_ONLY" option. "Just go and rely
on the DES encryption, it is very very secure!".

Clearly, that isn't very smart. "Secure as many layers as you can, for some of
them will definitely have some sort of security problem".

Note: I'm not a programmer, and my knowledge about CORBA (and hence ORBit)
functionality is very very superficial. I know CORBA services make things very
very easy for integrating things together. I'm not taking one side or the other,
my word is just that things need to be secured to their maximum, BUT always
keeping a balance on useability/security. Network functions are great, but we
should always have a 'secure' default, and maybe some GUI options to activate
the 'possibly' dangerous features of it.

-- 
  .~.   Bruno Lustosa Pereira <lofofora@writeme.com> | UIN 1406477
  /V\   Linux: The choice of a GNU generation!       | Linux Reg'd User #162375
 // \\  For PGP key, send message with subject "PGP" |
/(   )\
 ^^-^^  ... Windows and Gerhard Bergher: Who crashes more often?

PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]