Re: hurd does NOT need /hurd



On Mon, May 20, 2002 at 07:49:49PM -0400, Michael Stone wrote:
> > > It's also correct, from a certain point of view. </obi-wan> There is a
> > > school of thought that firewalls are only useful if you are trying to
> > > protect network services that you can't secure properly.
> > Which is quite accurate. We can't secure our services properly. If we
> > could, we would have, and we wouldn't be wasting time worrying about
> > making sure we can do security updates in a timely manner.
> Again, if you have no faith at all in the security of your service, the
> only useful firewall rule is "DENY" from "ALL", which is equivalent to
> "don't listen". 

No, that's not the case. If I have faith in the reliability of the
service in normal use, but none in its security, I ensure that it's only
accessible by *people* I have faith in. I can do that with firewalling
tools.

> For that matter, why are you complaining about the lack
> of a firewall in hurd while our default install has network services
> without even the firewall that you use as a security blanket?

Because I'm not talking about defaults. Nor am I talking about things that
everyone will be compelled to use. I'm talking about features that *must*
be made available for me to be able to look someone in the eye and say
"Yes, Debian GNU/Hurd 3.1 is ready for your use."

(That's the same principle that's ensuring you're getting mozilla,
rsync and apache in Debian GNU/Linux...)

> (Another argument, but one I'd really like to win by woody+1.)

I think you've already won that one without the proviso, although some
of the implementation's still on one of my copious todo lists...

> > > More importantly, for this school of thought, is the fact
> > > that firewalls offer a false sense of security. 
> > Actually, they offer a much *stronger* sense of security. It's easier
> > to say "Don't allow any traffic from this device to port 80" with a
> > system-wide firewalling tool and be confident that nothing's going to
> > get in, than to do the same thing from the application.
> How do you feel more confident that the firewall won't break than that a
> web server won't magically install itself? 

I may've already installed a webserver that I'm happily accessing from
another interface.

> At any rate, the point isn't that I won't allow the use of firewalls,
> but that they aren't an essential element of all security models. tb
> overstated his point, but it shouldn't be dismissed.

I've no idea why you're overstating my point like that. A firewall is
a necessary feature of a modern operating system. If users choose not
to make use of that feature, that's their decision, and good luck to
them. I'm not sure I have an opinion on whether default firewalling rules
would be a help or a hindrance.

Anyway. The Hurd needs some basic firewalling tools.

Cheers,
aj

-- 
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.

     ``BAM! Science triumphs again!'' 
                    -- http://www.angryflower.com/vegeta.gif