| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA256 |
| 3 |
|
| 4 |
Hi, |
| 5 |
|
| 6 |
"This can have serious security implications" [1] |
| 7 |
|
| 8 |
For whom? |
| 9 |
The often cited end user not running any network service, not even sshd? |
| 10 |
Without firewalls, routing or dhcp_d_? |
| 11 |
Some avahi-discovery woodoo stuff unaware of network topology at all? |
| 12 |
|
| 13 |
Maybe the M$/Windows mechanism asking the user to classify an newly |
| 14 |
discovered network as (and shutting down network communication until |
| 15 |
done so) isn't the worst solution at all. |
| 16 |
(Well, that would need an dbus like service to pop up this box *hihi*) |
| 17 |
|
| 18 |
[Generally speaking] |
| 19 |
|
| 20 |
Linux developed from an highly specialized group of users to an broad |
| 21 |
spectrum from "I have control, leave my unique setup alone" to "I have |
| 22 |
no idea what I'm doing/I'm unwilling to read/Lets sudo random search |
| 23 |
results" kinda users. Not all are enlightened. |
| 24 |
|
| 25 |
Good part is the media coverage, money invested/wasted/... |
| 26 |
Hard part is to find an compromise for all users. |
| 27 |
|
| 28 |
So lets provide something that works w/o interaction or master |
| 29 |
knowledge and not annoys the crap out of users - for all users. |
| 30 |
|
| 31 |
[about NIC names] |
| 32 |
|
| 33 |
Changing the netdev names way from eth*/wlan*/wwan*/ results in a hell |
| 34 |
of obsolete documentation. |
| 35 |
Opt-out urges users into either adapt their setups or disable the rules. |
| 36 |
This LAN/WLAN eth0/eth1 mess could be fixed by assuring Wi-Fi NICs |
| 37 |
being called wlan*, and running WPA stuff just there. |
| 38 |
|
| 39 |
The upcoming UMTS/broadband interfaces are called wwan*? *duck* |
| 40 |
|
| 41 |
Last point - as long as identification of LAN networks isn't handled |
| 42 |
properly, the consistency of NIC names it the lesser security concern |
| 43 |
for users carring around their laptops. |
| 44 |
|
| 45 |
Enough! |
| 46 |
|
| 47 |
Michael |
| 48 |
|
| 49 |
[1] |
| 50 |
http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames |
| 51 |
|
| 52 |
On 01/09/2013 11:13 PM, William Hubbs wrote: |
| 53 |
> All, |
| 54 |
> |
| 55 |
> as you probably know by now, udev-197 has hit the tree. |
| 56 |
> |
| 57 |
> This new version implements a new feature called predictable |
| 58 |
> network interface names [1], which I have currently turned off for |
| 59 |
> live systems, because it will require migration on the part of the |
| 60 |
> user. |
| 61 |
> |
| 62 |
> When you upgrade to this new version of udev, you will find a file |
| 63 |
> /etc/udev/rules.d/80-net-name-slot.rules on your system. It |
| 64 |
> currently has comments explaining what is happening. |
| 65 |
> |
| 66 |
> As long as this file is in place, this feature is not activated. |
| 67 |
> That is why there is not a news item. If you do nothing, nothing |
| 68 |
> changes. |
| 69 |
> |
| 70 |
> What I would like to do is find some people who are willing to |
| 71 |
> migrate and report any issues they find. |
| 72 |
> |
| 73 |
> I would like this to be the default for everyone at some point, so |
| 74 |
> I want to document the migration process and find out if there are |
| 75 |
> any bugs in tools because they expect the eth* names. |
| 76 |
> |
| 77 |
> Thoughts? |
| 78 |
> |
| 79 |
> William |
| 80 |
> |
| 81 |
> [1] |
| 82 |
> http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames |
| 83 |
> |
| 84 |
> |
| 85 |
- -- |
| 86 |
Michael Weber |
| 87 |
Gentoo Developer |
| 88 |
web: https://xmw.de/ |
| 89 |
mailto: Michael Weber <xmw@g.o> |
| 90 |
-----BEGIN PGP SIGNATURE----- |
| 91 |
Version: GnuPG v2.0.19 (GNU/Linux) |
| 92 |
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ |
| 93 |
|
| 94 |
iF4EAREIAAYFAlD1HmkACgkQknrdDGLu8JDLRQD+P0pO8z0WHnELVYOgQrEQi0wm |
| 95 |
Xp1kG1pQhYTCN271T6EBAJvRSacaBE7hdIaTCRH7VUoeugWdktQaXE935kqhFCNV |
| 96 |
=BWkO |
| 97 |
-----END PGP SIGNATURE----- |
Archives