New ZeroConf Spec

[Florian Zeitz]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Micah J. Cowan schrieb:
> It's one thing to talk about "theoretical" exploits where there is no
> theory: that is, you can talk about buffer overflows or whatnot, but
> unless you can prove there is buffer mishandling, you don't _know_ it's
> there (not that I'm saying you should assume it isn't).
> 
I don't really know what you want to tell me here. In theory any
application can have a exploit. "In theory" because you can't be sure.
So you are saying nothing different than I'm saying...

> They're not bugs, they're by design. The system, at least as it has been
> described, is inherently insecure, and may only be used if the user
> implicitly trusts the network on which he resides, as well as their
> ability to firewall bad packets that avahi might use.
> 
> I don't use Avahi, so perhaps I've been misled. But according to what I
> understand from descriptions on this mailing list, it will keep an open
> listen on a known UDP port, accepting any packet fed to it, all of which
> are capable of altering its knowledge of the Domain Name System. If all
> of this is correct, then I don't know why we're arguing about whether it
> has secuirty issues or not: it is _trivial_ to demonstrate how DNS
> poisioning can lead to serious problems for the unwary (and even the
> wary) user.
> 
Actually that is not the way I understood zeroconf, or at least not as
the main point behind it. AFAIK it's main purpose is to advertise
services to other users on the network. Those will be made aware of
these services if they start an application that uses is.
Exapmles:
Start Rhythmbox -> You get to know User XY is shareing music on the
network and are free to listen to it or not.
Or Start Gaim and learn that users X Y and Z are currently available for
chat.

Reconfiguring DNS etc. is possible, but is nothing that zeroconf in
itself does. It can be done though if you use something like
NetworkManager with it.

That is the way I understand it, I might be wrong to because I'm neither
actively using it. A third person should enlighten us a bit.

> ZeroConf-installed-by-default may be a good idea. For some other distro.
> Asking the developers of a distro with a solid and commendable security
> policy just to throw it out the window for such a small benefit is
> silly.
> 
Installing ZeroConf by default isn't trowing Ubuntu's security policy
out the window. Enabling it by default would be. That is why I and many
other people have suggested to install it, turn it off by default and
implement some sane method for it to be started and stoped.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)

iD8DBQFEv/hc0JXcdjR+9YQRAp5mAJ0SBt4CNqumeGqqWp7L5id0U/XNYQCfS71X
87aoiAixzxry4nFiRQHhuGU=
=JUfV
-----END PGP SIGNATURE-----