New ZeroConf Spec
Florian.Zeitz at gmx.de
Thu Jul 20 23:46:45 BST 2006
Micah J. Cowan wrote:
> On Thu, Jul 20, 2006 at 11:40:44PM +0200, Florian Zeitz wrote:
>> Installing ZeroConf by default isn't throwing Ubuntu's security policy
>> out the window. Enabling it by default would be. That is why I and many
>> other people have suggested to install it, turn it off by default and
>> implement some sane method for it to be started and stopped.
> Well, then, you and I agree. Why did you start arguing with me?
> ...but this was not the impression you gave me in this subthread:
> Christoph Sturm wrote:
>> maybe there is a solution between "no open ports" and "doing
>> everything as root".
>> my osx box for example feels quite safe, and it listens on the
>> zeroconf port.
> To which I responded:
>> Everything feels quite safe, until it is exploited. Feeling of security
>> in the absence of the real thing is far too common, and worse than
>> having neither.
> To which /you/ responded, somewhat patronizingly:
>> This is a non-argument statement on its own, so let me help you out
>> with some reasoning:
Yes, I felt a bit sorry about this statement later, but it should say
nothing different than:
"I share your opinion, but you just have thrown a statement in the
discussion which doesn't really make sense to people, because it's not
backed up by argument, so let me provide some:"
>> To use the same paradigm as for E-Mail/IM/Web Browsing for zeroconf,
>> zeroconf should be started as soon as an application wants to use it and
>> stopped as soon as the application doesn't need it anymore. I don't know
>> how feasible this is, but it's IMO the "right" solution.
> This doesn't fall under "some sane method", to me.
> Nothing about prompting the user or anything, just *bam!* it's there.
Yes, you're right about that. I didn't spend much time thinking about
this option, because I thought it was too hard to implement anyway. It
still would be good if one adds a step that asks the user if he wants to
enable zeroconf temporarily and informs him about the consequences.