Re: Disable ZeroConf: how to ?
On Thu, Mar 3, 2011 at 12:22 PM, Lars Wirzenius <liw@liw.fi> wrote:
> On to, 2011-03-03 at 11:54 +0100, Klaus Ethgen wrote:
>> Am Do den 3. Mär 2011 um 11:25 schrieb Tollef Fog Heen:
>> > Then just don't use it? Nobody is forcing you to.
>> [...]
>> > | And even if you not care about, then that functionality should be
>> > | explicit configured and not per default.
>> >
>> > That makes it much less useful. On the other hand, it's not like your
>> > system will suddenly go around connecting to random services just
>> > because it sees them announced.
>>
>> So you contradict yourself within two paragraphs. It makes it less
>> useful to enable it only on manual intervention (say, it should be
>> enabled automatic) but on the other hand you say that nobody is forcing
>> me (or others) to use it. How do that plays together?
>
> I don't see a contradiction between "nobody is forced to use zeroconf"
> and "zeroconf is less useful if it has to be enabled manually". The fact
> that zeroconf is enabled by default on the GNOME desktop does not make
> it mandatory for everyone to use. (Yes, it would be nice if there were
> an easy way to disable it.)
>
> However, could we please end the FUDfest? This thread seems to be quite
> unconstructive, with unspecific claims of security problems, unwarranted
> slurs on users based on their operating system, and accusations on
> Debian developer's attitudes. If there is an actual problem, explain
> what it is, and suggest a solution.
main security problem is resolver,
$host -v www.local
www.local
www.local.mydomain.com
see security issue in draft paper also in case
http://tools.ietf.org/html/draft-cheshire-dnsext-multicastdns-08
more important:
phpmyadmin package have created a link in /etc/avahi/services without
any question. Everybody know in my network that I have a phpadmin
service running on my server. I will ASAP create a bug report with a
security tag.
Bastien
Reply to: