Re: Required firewall support
Joel Aelwyn dijo [Wed, Mar 16, 2005 at 08:39:48PM -0700]:
> * SCC systems have buildds.
> * Buildds must be network accessible.
> * The first rule of securing a machine exposed to the wilds is "Deny by
> default, allow by need".
> Therefore, a box which does not provide basic firewalling capabilities
> (whether that's achieved by configurable ACLs, mind-reading the human
> traffic trigger, or pixies inspecting every packet) is thus not suitable
> for running a buildd on, and thus can never achieve SCC status.
> Sorry, but being able to cope with a hostile environment *is* a requirement
> in today's network, and there isn't any real way around that fact. I have
> no clue where Hurd network filtering stands at the moment, so I can't
> comment on how far it is from having this feature. I wouldn't be willing to
> admin any such box that was plugged into a network using a ten foot pole,
> and I don't see why the DSA folks should be expected to either.
I would admin such a machine precisely by using a ten foot pole - That
ten foot pole can be materialized into a firewall-able machine sitting
between it and the network.
I agree that any Debian architecture needs to provide basic networking
facilities, but I don't think firewalling is a real requirement. Yes,
of course, we expect users to actually _run_ this architecture, and
they will probably be connected to the network, and thus they can be
at risk - But right now Debian installs are done with no firewalling
rules on anyway.
Gunnar Wolf - firstname.lastname@example.org - (+52-55)1451-2244 / 5554-9450
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF