On Wed, 29.02.12 17:51, Simo Sorce (simo@xxxxxxxxxx) wrote: > On Wed, 2012-02-29 at 10:09 -0700, Chris Murphy wrote: > > On Feb 29, 2012, at 5:15 AM, drago01 wrote: > > > > > On Wed, Feb 29, 2012 at 1:02 PM, Neal Becker <ndbecker2@xxxxxxxxx> wrote: > > >> I think he's got a point > > >> > > >> http://www.osnews.com/story/25659/Torvalds_requiring_root_password_for_mundane_things_is_quot_moronic_quot_ > > > > > > > My example is mDNS being blocked in the Firewall by default *and* it requires a root password to unblocked it. Completely retarded. > > Except that mDNS is a real security issue (because you can hijack name > resolution quite easily with it). Can you? How so? Sure, you can muck with the .local domain, since that's the mDNS domain, but hey, if you are stupid enough to trust the .local domain in insecure networks, then it is your own fault, as the suffix ".local" kinda comes with this big implied label of "HEY! THIS DOMAIN IS RESOLVED FROM DATA MULTICASTED ON THE LOCAL LINK". Lennart -- Lennart Poettering - Red Hat, Inc. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
