03-02-2011, 08:11 PM
Philipp Kern

Disable ZeroConf: how to ?

Hi,

I won't comment on the possible insecurity of avahi-daemon, but...

On 2011-03-02, Bastien ROUCARIES <roucaries.bastien@gmail.com> wrote:
> More and more packages depend on avahi aka zeroconf. I have found some
> information on http://wiki.debian.org/ZeroConf
>
> Because I work in an untrusted work place and home network (public networks,
> wifi...) I wish to purge zeroconf functionality.
>
> However, a lot of packages depend on (or recommend) instead of suggest
> avahi-daemon and thus I could not purge this piece of software
> that I believe insecure in my context.

| pkern@franck:~$ dak rm -n -R -b -s stable avahi-daemon
| Working... done.
| Will remove the following packages from stable:
|
| avahi-daemon | 0.6.27-2 | amd64, armel, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, sparc
|
| Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
|
| ------------------- Reason -------------------
|
| ----------------------------------------------
|
| Checking reverse dependencies...
| # Broken Depends:
| avahi: avahi-discover
| avahi-dnsconfd
| avahi-utils
| controlaula: ltsp-controlaula
| forked-daapd: forked-daapd
| gshare: gshare
| mandos: mandos
| meta-gnome2: gnome
| mod-dnssd: libapache2-mod-dnssd
| mt-daapd: mt-daapd
| nss-mdns: lib32nss-mdns [amd64]
| libnss-mdns
| padevchooser: padevchooser
| service-discovery-applet: service-discovery-applet
| telepathy-salut: telepathy-salut
|
| Dependency problem found.

So it's mainly gnome, which you don't need to install if you don't agree with
the maintainer's decision to depend on avahi-daemon, but you could mark the
pulled-in packages as installed yourself. (That's the maintainer's stance on
its dependency list.)

The other thing where it's not clear to me is padevchooser. Not sure it's
really desperately needed there.

But the "a lot of packages depend" on it is false. It might be true that a
bunch of them recommend it, but then you could create a dummy package that just
conflicts against avahi-daemon. That should keep it uninstalled even when you
install more packages with recommends turned on. (I think equivs could help
you there.) After all those are no depends.

Kind regards
Philipp Kern


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/slrnimtckc.o7n.trash@kelgar.0x539.de
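
The dummy-package idea from the message above, sketched with equivs as an added example that is not part of the thread; the package name `no-avahi-local`, its version and its maintainer are made-up local values.

```shell
#!/bin/sh
# Added example: equivs control file for a dummy package that conflicts with
# avahi-daemon. Package name, version and maintainer are made-up local values.
PKG=no-avahi-local

write_blocker_control() {   # $1 = path of the control file to create
    cat > "$1" <<EOF
Section: misc
Priority: optional
Standards-Version: 3.9.1
Package: $PKG
Version: 1.0
Maintainer: Local Admin <root@localhost>
Architecture: all
Conflicts: avahi-daemon
Description: keep avahi-daemon from being installed
 Empty package built with equivs. Its only job is to conflict with
 avahi-daemon so that the daemon stays off this machine.
EOF
}

# Build and install only when asked to, since this needs equivs and root.
if [ "${1:-}" = "--install" ]; then
    workdir=$(mktemp -d) && cd "$workdir" || exit 1
    write_blocker_control "$PKG.ctl"
    equivs-build "$PKG.ctl"          # writes ${PKG}_1.0_all.deb
    # dpkg refuses the conflict while avahi-daemon is installed; purging it
    # also removes anything with a hard Depends on it (see the dak list above).
    apt-get purge avahi-daemon
    dpkg -i "${PKG}_1.0_all.deb"
fi
```

Run it with `--install` as root on a machine that has the equivs package; without the argument it only defines the function.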
 
03-02-2011, 08:24 PM
Josselin Mouette

Disable ZeroConf: how to ?

On Wednesday 02 March 2011 at 18:25 +0100, Bastien ROUCARIES wrote:
> And more specifically, from an administrator's point of view, could the
> avahi library be made purgeable and no more than a suggested
> dependency (I am willing to file a mass bug report because purging
> avahi will purge gnome and kde ...) ?

As Philipp pointed out, only gnome depends on it, and that’s not
gnome-desktop-environment. You can use the latter if you want only the
official GNOME desktop.

> And moreover could you give a clear answer about the security risk on
> untrusted network ?

I’d say Avahi is mostly as insecure as the services that use it for
advertising.

--
.'`. Josselin Mouette
: :' :
`. `' “If you behave this way because you are blackmailed by someone,
`- […] I will see what I can do for you.” -- Jörg Schilling
 
03-02-2011, 08:26 PM
Steve Langasek

Disable ZeroConf: how to ?

On Wed, Mar 02, 2011 at 09:11:40PM +0000, Philipp Kern wrote:
> The other thing where it's not clear to me is padevchooser. Not sure it's
> really desperately needed there.

For padevchooser it probably makes sense, as network sound sink/sources are
certainly a case you may want to use pulseaudio with.

What I find unusual is that pulseaudio recommends padevchooser. I wouldn't
expect this to be installed by default.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
 
03-02-2011, 09:09 PM
Julien BLACHE

Disable ZeroConf: how to ?

Bastien ROUCARIES <roucaries.bastien@gmail.com> wrote:

Hi,

> Because I work in an untrusted work place and home network (public
> networks, wifi...) I wish to purge zeroconf functionality.

Looks like you want a firewall. Just sayin'.

JB.

--
Julien BLACHE - Debian & GNU/Linux Developer - <jblache@debian.org>

Public key available on <http://www.jblache.org> - KeyID: F5D6 5169
GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169


--
Archive: http://lists.debian.org/87pqq9kwd1.fsf@sonic.technologeek.org
 
03-02-2011, 09:51 PM
Ben Hutchings

Disable ZeroConf: how to ?

On Wed, 2011-03-02 at 23:09 +0100, Julien BLACHE wrote:
> Bastien ROUCARIES <roucaries.bastien@gmail.com> wrote:
>
> Hi,
>
> > Because I work in an untrusted work place and home network (public
> > networks, wifi...) I wish to purge zeroconf functionality.
>
> Looks like you want a firewall. Just sayin'.

A firewall is mitigation against insecure applications and
configurations. The availability of firewalls does not excuse us from
making applications and their default configurations secure.

Ben.

--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
 
03-02-2011, 09:54 PM
Klaus Ethgen

Disable ZeroConf: how to ?

On Wed, 2 Mar 2011 at 18:25, Bastien ROUCARIES wrote:
> More and more packages depend on avahi aka zeroconf. I have found some information on http://wiki.debian.org/ZeroConf
>
> Because I work in an untrusted work place and home network (public networks, wifi...) I wish to purge zeroconf functionality.

I have fought this bunch of functionality for a long time. The whole zeroconf
stuff is only useful in secure and clearly defined environments. But there
you don't need it anyway.

With zeroconf there are some things that play together and have to be
killed:
- avahi (-daemon) -- as you found by yourself -- and the packages
  zeroconf, libnss-mdns, avahi-autoipd, avahi-daemon.
- The package slpd
- The linklocal route (169.254.0.0)

> Could avahi be disabled (using kernel level firewalling is not from my point of view a solution) ?

See above.

> And more specifically, from an administrator's point of view, could the avahi library be made purgeable and no more than a suggested
> dependency (I am willing to file a mass bug report because purging avahi will purge gnome and kde ...) ?

Well, as I do not use gnome nor kde I am not concerned by these
dependencies.

> And moreover could you give a clear answer about the security risk on untrusted network ?

That is difficult. It depends on the environment. If you have a clear
and secure environment, zeroconf is not that insecure. But in all other
environments you do not want to have it.

Regards
Klaus
--
Klaus Ethgen http://www.ethgen.ch/
pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B


--
Archive: http://lists.debian.org/20110302225422.GB17584@ikki.ethgen.ch
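
A read-only check for the three pieces named in the message above (the mDNS and SLP listeners and the link-local route), as an added example that is not part of the thread. The sample tables are constructed, 5353/udp and 427/udp are the standard mDNS and SLP ports, and the hex route encoding assumes a little-endian host.

```shell
#!/bin/sh
# Added example: look for leftover zeroconf pieces in /proc-style tables.
# /proc/net/udp shows ports in hex: 5353 (mDNS) = 14E9, 427 (SLP) = 01AB.

# Print one name per zeroconf-related UDP socket in the given files (or stdin).
zeroconf_udp_listeners() {
    awk 'FNR > 1 {
        n = split($2, a, ":"); port = toupper(a[n])
        if (port == "14E9") print "mdns(5353)"
        if (port == "01AB") print "slp(427)"
    }' "$@" | sort -u
}

# Succeed if a 169.254.0.0/16 route is present. Destination and mask are
# little-endian hex, as /proc/net/route shows them on x86/amd64.
has_linklocal_route() {
    awk 'FNR > 1 && toupper($2) == "0000FEA9" && toupper($8) == "0000FFFF" { found = 1 }
         END { exit(found ? 0 : 1) }' "$@"
}

sample_udp() {    # constructed sample: avahi on 5353 plus a DHCP client on 68
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
  10: 00000000:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000   105        0 9001 2
  11: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 9002 2
EOF
}

sample_route() {  # constructed sample: link-local route plus a default route
    cat <<'EOF'
Iface Destination Gateway  Flags RefCnt Use Metric Mask     MTU Window IRTT
eth0  0000FEA9    00000000 0001  0      0   1000   0000FFFF 0   0      0
eth0  00000000    0101A8C0 0003  0      0   0      00000000 0   0      0
EOF
}

if [ "${1:-}" = "--live" ]; then      # inspect this host instead of the samples
    for f in /proc/net/udp /proc/net/udp6; do
        [ -r "$f" ] && zeroconf_udp_listeners "$f"
    done
    has_linklocal_route /proc/net/route && echo "link-local route present" || echo "no link-local route"
else
    sample_udp | zeroconf_udp_listeners
    sample_route | has_linklocal_route && echo "link-local route present" || echo "no link-local route"
fi
```

An empty listener list and "no link-local route" from a `--live` run mean none of the three pieces is active on the host.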
 
03-02-2011, 09:56 PM
Klaus Ethgen

Disable ZeroConf: how to ?

On Wed, 2 Mar 2011 at 23:09, Julien BLACHE wrote:
> > Because I work in an untrusted work place and home network (public
> > networks, wifi...) I wish to purge zeroconf functionality.
>
> Looks like you want a firewall. Just sayin'.

Ehem, no.

A system has not to listen for any unused and unneeded services ever. A
firewall is to control services you _need_.

All that zeroconf stuff is absolutely not needed and wanted. (By the
most users, I suppose.)

Regards
Klaus
--
Klaus Ethgen http://www.ethgen.ch/
pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B


--
Archive: http://lists.debian.org/20110302225642.GC17584@ikki.ethgen.ch
 
03-02-2011, 10:33 PM
Adam Borowski

Disable ZeroConf: how to ?

On Wed, Mar 02, 2011 at 10:24:36PM +0100, Josselin Mouette wrote:
> On Wednesday 02 March 2011 at 18:25 +0100, Bastien ROUCARIES wrote:
> > And more specifically, from an administrator's point of view, could the
> > avahi library be made purgeable and no more than a suggested
> > dependency (I am willing to file a mass bug report because purging
> > avahi will purge gnome and kde ...) ?
>
> As Philipp pointed out, only gnome depends on it, and that’s not
> gnome-desktop-environment. You can use the latter if you want only the
> official GNOME desktop.

gnome-desktop-environment
  Depends: gnome-user-share
    Depends: libapache2-mod-dnssd
      Depends: avahi-daemon
  Recommends: telepathy-salut
    Depends: avahi-daemon
> > And moreover could you give a clear answer about the security risk on
> > untrusted network ?
>
> I’d say Avahi is mostly as insecure as the services that use it for
> advertising.

A client system is not supposed to run any public network services,
especially not in the default config. I have never in my life felt the need
to do anything provided by either gnome-user-share or telepathy-salut (or
anything that has to do with telepathy for that matter), and I doubt most
users have either. None of them do anything good unless configured, too.

Having them installed by default might make sense, disk space is cheap and
non-technical users are not supposed to apt-get things every time they use
an optional part of Gnome -- but why the system would bear a security risk
when none of the programs involved were ever run is beyond me.

When a user actually uses that "easy file sharing" or link-local instant
messaging, avahi could be started, but there's no reason to do that before.

This goes in contrast to actual server daemons which are installed by a
conscious action by the sysadmin, and thus can be expected to be running by
default.


--
1KB // Microsoft corollary to Hanlon's razor:
// Never attribute to stupidity what can be
// adequately explained by malice.


--
Archive: http://lists.debian.org/20110302233326.GA9061@angband.pl
 
03-03-2011, 01:35 AM
Chow Loong Jin

Disable ZeroConf: how to ?

On Thursday 03,March,2011 06:56 AM, Klaus Ethgen wrote:
> On Wed, 2 Mar 2011 at 23:09, Julien BLACHE wrote:
>>> Because I work in an untrusted work place and home network (public
>>> networks, wifi...) I wish to purge zeroconf functionality.
>
>> Looks like you want a firewall. Just sayin'.
>
> Ehem, no.
>
> A system has not to listen for any unused and unneeded services ever. A
> firewall is to control services you _need_.
>
> All that zeroconf stuff is absolutely not needed and wanted. (By the
> most users, I suppose.)
>
> Regards
> Klaus


Actually I absolutely love the <machine>.local resolution functionality on a
network (it works much better than the NetBIOS crap that can never find another
machine on a network when you want it). That, and Pidgin's Bonjour support
interfaces with iChat over zeroconf, allowing you to chat with users (and
exchange files, perhaps?) across a network without needing to set up a
centralized chatting system.

I think those two functionalities are pretty useful to the end-user.

Rather than blabbering about potential security issues stemming from
avahi-daemon being installed and enabled on a system, how about actually finding
one and reporting it?

gnome-user-share does not share stuff by default as far as I can tell, and
padevchooser only uses avahi-daemon for discovering extra Pulseaudio sinks on
the network (it doesn't advertise its own sinks by default).

An avahi-enabled system that advertises no services is pretty much as secure as
the avahi-disabled system.

--
Kind regards,
Loong Jin
 
03-03-2011, 02:06 AM
Norbert Preining

Disable ZeroConf: how to ?

On Thu, 03 Mar 2011, Adam Borowski wrote:
> On Wed, Mar 02, 2011 at 10:24:36PM +0100, Josselin Mouette wrote:
> > As Philipp pointed out, only gnome depends on it, and that’s not
> > gnome-desktop-environment. You can use the latter if you want only the
> > official GNOME desktop.
>
> gnome-desktop-environment
>   Depends: gnome-user-share
>     Depends: libapache2-mod-dnssd
>       Depends: avahi-daemon
>   Recommends: telepathy-salut
>     Depends: avahi-daemon

Any words of the GNOME maintainers according to that?

I don't need nor want avahi, it actually two or three times broke
my network by doing changes to config file I don't want (don't remember
the details) and at that time I could purge it away, but it came back
again.

Best wishes

Norbert
------------------------------------------------------------------------
Norbert Preining preining@{jaist.ac.jp, logic.at, debian.org}
JAIST, Japan TeX Live & Debian Developer
DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
------------------------------------------------------------------------
HIGH OFFLEY (n.)
Gossnargh (q.v.) three weeks later.
--- Douglas Adams, The Meaning of Liff


--
Archive: http://lists.debian.org/20110303030642.GI6098@gamma.logic.tuwien.ac.at
 
