New ZeroConf Spec

[Florian Zeitz]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Micah J. Cowan wrote:
> zeroconf is a *completely* different beast from E-mail, IM, or Web
> browsing. All of these /make/ connections, but don't receive them, and
> certainly none of them blindly accept connections from any host that
> chooses to speak with them. There is no inherent problem to firing up a
> mail agent: the security problems have always been with once you
> specifically read a malicious e-mail (I'm talking about MUAs here, not
> MTAs). There is no inherent problem to firing up a web-browser: security
> problems have always had to do with specifically viewing a particular
> site.
> 
> With zeroconf, there are serious passive security issues. It should
> /never/ be activated without explicit choice on the part of the user.
> Now, that explicit choice /could/ be to say: allow all further request
> for zeroconf without pestering me, but it still needs to be explicit (it
> should never be set up that way by default.
> 

This is not true. Just the fact that a program is receiving data is
technically enough to make it possible to use a theoretical exploit and
I don't think that there are necessarily more of them hidden in avahi
than in Evolution, Firefox or Gaim.
But that wasn't the point, the point is that the user must be aware that
he currently is running something that is potentially dangerous.
Also if there are right now passive security issues you know of, I'd
like to hear them and you should file them as bugs.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)

iD8DBQFEv+kv0JXcdjR+9YQRAnddAJsGBSjQ43qYH4hzWhScIF4swhPywQCcCIwI
UCFd5fLo55Bj1rusXcUp1zc=
=EN3H
-----END PGP SIGNATURE-----