[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: bittorrent in core? what frontend?



On Sat, December 17, 2005 3:31 pm, Jeff Spaleta said:
> On 12/17/05, Callum Lerwick <seg haxxed com> wrote:
>> They deliberately decide to poke holes in their firewall by running a
>> UPNP enabled application.
>
> And when the user doesn't know its upnp enabled application? Or when
> the application is malicious and misrepresents what its suppose to be
> doing and does upnp operations withuot clear consent from the user?

Well what if the program does "rm -rf ~/*" without clear consent from the
user?  At some point you either trust your application or you don't.

The fallback here is that currently only root can alter the iptable
firewall rules on the local machine, so even if a malicious program does
use UPnP no packets will arrive at the local machine because they will be
filtered by the local firewall.

But the point has to be made again, nothing we're talking about here
changes the situation of malicious code.   _Today_ as Fedora exists out of
the box, a malicious program can enable UPnP on a router that has it
enabled.   All we're talking about is using that facility as it was meant
to be used, by _trusted_ application like the bit torrent client supplied
with the distribution.

Sean


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]