
Re: Disable ZeroConf: how to ?



]] Klaus Ethgen 

Hi,

| The thought of that makes me shiver! Trusting untrusted sources on a
| network for configuring local stuff is the worst thing ever.

Then just don't use it?  Nobody is forcing you to.

| > I think those two functionalities are pretty useful to the end-user.
| 
| Well, they might be for a Mac or Windows user who does not care about
| security at all. But it is a horror for a Debian user who cares at least
| a bit about security.
| 
| And even if you do not care about it, that functionality should be
| explicitly configured and not on by default.

That makes it much less useful.  On the other hand, it's not like your
system will suddenly go around connecting to random services just
because it sees them announced.

| And even worse, Debian is often used on server platforms where you never
| ever want to have any such magically configured services.

Oh, I quite like services to announce themselves so I can just do ssh
foo.local.  Not everything gets set up in DNS, and ssh caches the host
key, so a MITM attack after the initial handshake is prevented.
It's not like it'll magically be pulled in on servers or anybody is
suggesting making it part of the base system.

| Ah, and to give an example from the past: no one ever thought that
| MSSQL was vulnerable due to a comfort feature until in 2001/2002 the
| MSSQL Slammer (or whatever the worm was called) took down major parts of
| the net. Zeroconf and avahi play in the same category.

Except zeroconf isn't routed, so to be able to exploit it you need to be
on the same physical segment?

| > gnome-user-share does not share stuff by default as far as I can tell, and
| > padevchooser only uses avahi-daemon for discovering extra Pulseaudio sinks on
| > the network (it doesn't advertise its own sinks by default).
| 
| Uh, you mean that anybody can listen to your music or your TeamSpeak
| session or your VoIP session with your girlfriend because zeroconf found
| an audio sink on the network and reconfigured your system to use it?

That they are discovered does not mean they are used, just that they are
available.  If you have found any bugs where network sinks are used
automatically please file bugs about that.

Really, if you want to disable avahi, please feel free to do so on your
systems.  Or use a firewall, or both.  Debian has a fair balance of
functionality, security and convenience out of the box; if you disagree
with the current balance, feel free to invest the work into making it
possible to harden Debian further.

Regards,
-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
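The reply above ends with "disable avahi, or use a firewall, or both". The following is an added example, not part of the original thread and not code from the avahi project or Debian: a POSIX shell script with the three knobs an admin turns to keep zeroconf/mDNS off a host. Two are the ones the reply names (stop the daemon, drop the traffic); the third, which the thread does not mention, is stripping the mdns modules from the "hosts:" line of nsswitch.conf so the libc resolver never consults mDNS even if the daemon comes back. The systemd unit names, the iptables syntax and the nsswitch.conf layout are assumptions for a systemd-era Debian; check them against your release. The daemon and firewall commands are printed rather than executed so they can be reviewed and run as root separately.

```shell
#!/bin/sh
# Added example (not from the original thread or the avahi package):
# keep zeroconf/mDNS off a Debian host, as the reply suggests.
# Unit names, paths and rule syntax are assumptions; verify per release.

MDNS_PORT=5353            # mDNS always speaks UDP/5353
MDNS_V4_GROUP=224.0.0.251 # IPv4 link-local multicast group
MDNS_V6_GROUP=ff02::fb    # IPv6 link-local multicast group

# Knob 1: stop avahi-daemon and keep it from starting at boot.
# Printed, not executed, so they can be reviewed and run as root.
avahi_disable_commands() {
    echo 'systemctl disable --now avahi-daemon.socket avahi-daemon.service'
    echo 'systemctl mask avahi-daemon.socket avahi-daemon.service'
}

# Knob 2: netfilter rules dropping mDNS in both directions. Because mDNS
# is link-local multicast (the "isn't routed" point in the reply), only
# the two well-known groups need matching; anything else to 5353 is left
# to the host's normal default-deny policy.
mdns_firewall_rules() {
    printf 'iptables  -A INPUT  -p udp -d %s --dport %s -j DROP\n' "$MDNS_V4_GROUP" "$MDNS_PORT"
    printf 'iptables  -A OUTPUT -p udp -d %s --dport %s -j DROP\n' "$MDNS_V4_GROUP" "$MDNS_PORT"
    printf 'ip6tables -A INPUT  -p udp -d %s --dport %s -j DROP\n' "$MDNS_V6_GROUP" "$MDNS_PORT"
    printf 'ip6tables -A OUTPUT -p udp -d %s --dport %s -j DROP\n' "$MDNS_V6_GROUP" "$MDNS_PORT"
}

# Knob 3, audit half: exit 0 if a nsswitch.conf "hosts:" line routes
# lookups through libnss-mdns (modules mdns, mdns4, mdns6, *_minimal).
nsswitch_uses_mdns() {
    printf '%s\n' "$1" |
        grep -Eq '^hosts:[^#]*[[:space:]]mdns[46]?(_minimal)?([[:space:]]|$)'
}

# Knob 3, fix half: rewrite one "hosts:" line so the resolver never asks
# mDNS. Each mdns module is removed together with the "[NOTFOUND=return]"
# action libnss-mdns installs right after it; the rest of the line (other
# modules, spacing, comments) is left untouched. The :a/ta loop removes
# one module per pass so adjacent modules are all caught.
harden_nsswitch_hosts() {
    printf '%s\n' "$1" | sed -E -e ':a' \
        -e 's/[[:space:]]+mdns[46]?(_minimal)?([[:space:]]+\[NOTFOUND=return\])?([[:space:]]|$)/\3/' \
        -e 'ta'
}

# Apply harden_nsswitch_hosts to every "hosts:" line of a nsswitch.conf,
# writing through a temp file so a failure never truncates the original.
harden_nsswitch_file() {
    file=$1
    tmp="$file.tmp.$$"
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            hosts:*) harden_nsswitch_hosts "$line" ;;
            *)       printf '%s\n' "$line" ;;
        esac
    done < "$file" > "$tmp" && mv "$tmp" "$file"
}

# Demonstration on a constructed nsswitch.conf (sample input, not a real
# host's file): the default Debian layout with libnss-mdns installed.
workdir=$(mktemp -d)
cat > "$workdir/nsswitch.conf" <<'EOF'
passwd:         files systemd
group:          files systemd
hosts:          files mdns4_minimal [NOTFOUND=return] dns
networks:       files
EOF
echo '# before:'; grep '^hosts:' "$workdir/nsswitch.conf"
harden_nsswitch_file "$workdir/nsswitch.conf"
echo '# after:';  grep '^hosts:' "$workdir/nsswitch.conf"
rm -rf "$workdir"
echo '# run as root once reviewed:'
avahi_disable_commands
mdns_firewall_rules
```

Knob 3 matters on its own: with `mdns4_minimal [NOTFOUND=return]` in place, a lookup for any `.local` name is answered by whoever on the segment replies first and never falls through to DNS, whether or not avahi-daemon itself is running. Removing the module turns `ssh foo.local` back into an ordinary DNS lookup, which is the trade-off the thread is arguing about.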

