Re: make gnome listen on localhost:*
- From: Leland Elie <datazone airmail net>
- To: Elliot Lee <sopwith redhat com>,Chris Evans <chris ferret lmh ox ac uk>
- Cc: gnome-list gnome org
- Subject: Re: make gnome listen on localhost:*
- Date: Thu, 15 Jun 2000 10:18:21 -0500
At 10:27 AM 6/15/00 -0400, Elliot Lee wrote:
>By the time your solution arrives at the userbase, it will be obsolete,
>and it already would cause problems for at least a few users inside &
>outside of GNOME. The solution needs to be a lasting one, or in six months
>we are going to have to be doing exactly what Paul was complaining so
>vehemently about: Telling users why their packages need updating because
>of security reasons.
>
>Needless to say, I do not consider turning off network access a lasting
>solution, :)
Elliot, i respect your opinions.. but in this case you are WRONG.
Security should be paramount on a users desktop, since this is where GNOME
is supposed to be aiming at, now if i am wrong, and GNOME is aimed at
Network administrators, then please correct me. Honestly, peoples
feelings are going to get smashed hard in this debate, but to hell with
feelings, i really do not want to go to slashdot one morning and read an
article about some major exploit in ORBit.
You can sing all the songs about firewalls, but you know what? no one is
listening, most new users don't know the difference between X and GNOME,
yet you expect them to understand how to setup up and maintain a secure
firewall? You may then say: "well, its just a bandaid solution, and we
will need to fix it in 6 months", SO WHAT? at least we will HAVE some sane
security for 6 months while you guys decide what is the best method to use
the features of ORBit without compromising the end users. Sure you may
think features are all people want, but when you go down that road, you end
up with the OutLooks vbs exploits, and the IE activeX exploits, and the
Word macro exploits. Honest to god, we are not trying to cause problems
or give developers more work, but this is the long and short of it, and
unless GOD Almighty comes down and proclaims that there will be no exploits
of ORBit, then i will be happy, but unless that happens, this is an issue
that needs to be resolved. I would hope that the other GNOME leaders
step in and make a decision, cause by the look of the mailing list, people
are not happy with the current situation.
Leland Elie
What do you mean i have a port open? i don't own a ship!
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]