New ZeroConf Spec
slomo at circular-chaos.org
Thu Jul 27 13:00:27 BST 2006
On Do, 2006-07-27 at 12:43 +0100, Chris Jones wrote:
> On 12:34:29 pm 27/07/2006 Sebastian Dröge <slomo at circular-chaos.org>
> > application's job to say which services they want and what they want
> > to do with these services.
> Then that is where the selection should be. Avahi can receive all the
> notifications malware infested machines care to send, but if they're being
> ignored because they obviously make no sense then there's no problem (avahi
> exploits aside, as I mentioned previously).
> To extend my prior quick-look at this stuff, I've just installed the
> service discovery applet on my machine here at work where we have a lot of
> Apple machines and while I can now see lots of printers, machines, itunes
> and so-on services, I can't actually do anything with any of them anyway,
> the only services we have that lead to actual actions are the web pages
> announced by our printers.
CUPS can work with these printers (but needs a patch AFAIK).
> So in addition to my questioning of the actual security problems this opens
> up, I have to question how useful it actually is. Which services (other
> than zeroconf ad-hoc networking, which cannot and will not ever be secure
> by its very nature) are people expecting this to provide? Looking at the
> list of options in the applet, I'd say that beyond web pages and printers,
> not much.
web pages, DAAP audio sharing, seahorse public key sharing, ssh, webdav,
ftp, distcc services, gobby sessions, gnome-games network games, ekiga
"person" sharing and many more ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20060727/69356496/attachment.pgp
More information about the ubuntu-devel