Hi,

"This can have serious security implications" [1]

For whom?
The often cited end user not running any network service, not even sshd?
Without firewalls, routing or dhcp_d_?
Some avahi-discovery voodoo stuff unaware of network topology at all?

Maybe the M$/Windows mechanism asking the user to classify a newly
discovered network as (and shutting down network communication until
done so) isn't the worst solution at all.
(Well, that would need a dbus-like service to pop up this box *hihi*)

[Generally speaking]

Linux developed from a highly specialized group of users to a broad
spectrum from "I have control, leave my unique setup alone" to "I have
no idea what I'm doing/I'm unwilling to read/Let's sudo random search
results" kinda users. Not all are enlightened.

Good part is the media coverage, money invested/wasted/...
Hard part is to find a compromise for all users.

So let's provide something that works w/o interaction or master
knowledge and doesn't annoy the crap out of users - for all users.

[about NIC names]

Changing the netdev names away from eth*/wlan*/wwan*/ results in a hell
of obsolete documentation.
Opt-out urges users into either adapting their setups or disabling the rules.
This LAN/WLAN eth0/eth1 mess could be fixed by assuring Wi-Fi NICs
are called wlan*, and running WPA stuff just there.

The upcoming UMTS/broadband interfaces are called wwan*? *duck*

Last point - as long as identification of LAN networks isn't handled
properly, the consistency of NIC names is the lesser security concern
for users carrying around their laptops.

Enough!

Michael

[1]
http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames

On 01/09/2013 11:13 PM, William Hubbs wrote:
> All,
>
> as you probably know by now, udev-197 has hit the tree.
>
> This new version implements a new feature called predictable
> network interface names [1], which I have currently turned off for
> live systems, because it will require migration on the part of the
> user.
>
> When you upgrade to this new version of udev, you will find a file
> /etc/udev/rules.d/80-net-name-slot.rules on your system. It
> currently has comments explaining what is happening.
>
> As long as this file is in place, this feature is not activated.
> That is why there is not a news item. If you do nothing, nothing
> changes.
>
> What I would like to do is find some people who are willing to
> migrate and report any issues they find.
>
> I would like this to be the default for everyone at some point, so
> I want to document the migration process and find out if there are
> any bugs in tools because they expect the eth* names.
>
> Thoughts?
>
> William
>
> [1]
> http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
>
>
--
Michael Weber
Gentoo Developer
web: https://xmw.de/
mailto: Michael Weber <xmw@g.o>