New ZeroConf Spec
Dennis Kaarsemaker
dennis at kaarsemaker.net
Thu Jul 27 12:38:42 BST 2006
On do, 2006-07-27 at 04:28 -0700, Dan Kegel wrote:
> uh-oh. My horror level is back to full-on.
> - Dan
Why? mDNS is not installed by default yet and this merely facilitates
people who explicitely install it.
> p.s. Yes, I should have left ssh out of the list of apps that trust
> hostnames. (It's a rule in technical flamefests that if you have
> any false statement in a post, readers will discount the rest of the
> post. C'est la vie.)
No. I've seen 'Hmm host key identificatin changed, let's rm
~/.ssh/known_hosts' so often, that ssh is perfectly valid in your list.
> Also, cups autodiscovery seems to be off in ubuntu:
> http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28480
> perhaps that was for security reasons?
Indeed.
All flaming/nonsense in this thread aside, I think it's good that the
security implications of mDNS are discussed.
--
Dennis K.
Time is an illusion, lunchtime doubly so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20060727/b3012fb8/attachment.pgp
More information about the ubuntu-devel
mailing list