[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "uselessly listens on localhost" RC

* Luk Claes (luk@debian.org) [091018 14:51]:
> Andreas Barth wrote:
> > after some discussion we had today on IRC, I tend to think we should
> > put a section within "security" of the release policy that says
> > something like "Packages must not open listening sockets at localhost
> > where usage of a unix domain socket (in the filesystem) would be
> > equally sufficient".
> > 
> > Reasoning for this is that opening listening sockets with the network
> > allows "better" ways to exploit security bugs than in the traditional
> > unix filesystem.

> In general that seems to be harsh unless you are talking about software
> that never should listen on the network or where the use case of not
> listening on the network is really important.

Basically it would be "if there is no bonus in listening on the
network don't do it". I agree that this is a bit strict, however the
current stanca
| Programs must be setup to use the minimum privleges they can.
is already as strict re priveleges, so I think it would fit.

> Unless you want to make it should not instead of must not?

"should" shouldn't be part of the release policy I'd say. :)


Cheers,
Andi
Reply to: