[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: secure installation

Javier Fernández-Sanguino Peña <jfs@computer.org> writes:

> You'll find that a simple default Debian installation of etch is not
> really that exposed:

> - exim MTA configured to loopback only
> - portmap installed, open to the world, but can be configured for loopback
>   only 
> - identd installed, but with no services which makes it not run at all
>   (unless you install some other inetd services that is).
> - sshd (server) not installed by default

> Portmap is needed for NFS support out of the box and, IIRC, for GNOME's
> fam but can easily be configured to be loopback-only.

It would be rather nice if Gnome could default to gamin instead of fam,
since it doesn't require network services.  That's one of the first things
I change about any Gnome installation.

> Later releases (6.06) dropped portmap altogether. But the latest release
> (6.10) [2] installs Avahi (mDNS) open to the world, they decided to do
> this due to the features it provided (Zeroconf) and after making sure it
> had been properly audited.

> However, there have been more Avahi vulnerabilities (3 DoS and 1 remote
> BoF since 2006) than there have been in Wietse Venema's portmap's (1 DOS
> vulnerability in 1998).

I think the decision to install Avahi by default is rather questionable;
it really isn't clear to me that Zeroconf is such a killer feature as to
be worth the additional potential security trouble.  But maybe we could
arrive at some sort of compromise where the daemon doesn't run by default
but the user has some simple way of starting it and stopping it when it's
of interest?

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: