Loye, With all due respect.. this is completely and utterly irrelevant.
You could have this kind of interaction with any piece of software, they could download and install MSN and chat to each other.. or use windows file sharing.. or one of a million ways to interact with each other over a network. Hell, they could call each other on the phone or shout out the window. At the end of the day if you really think this is a problem for you then just disable it (in /etc/default) but I think you are just being over the top, and if not then theres a LOT more than Avahi you need to worry about so removing Avahi for all users (esp those at homes, etc) in preference of some weird company who thinks this rule is the be all and end all is ludicrous. It would also not be hard to disable Avahi on the long list of things you should be disabling.. nevermind to prevent this kind of information being problematic you should really be using a firewall.. but then what if they both login to a web-based chat site? Your broken again. Perhaps you should turn their network off. Avahi is not "inherrently insecure", it is "inherrently untrustable". It makes the things its designed to do very convenient but you should not rely on it for any trusted activity. It is great for things like, finding multiplayer games, finding people to chat to on a local network, etc. Where trusting what is at the other end is not a problem. Note that even DNS itself is not much more secure at the end of the day it's not hard for me to spoof a local DNS server on a LAN or even the gateway with some arp spoofing. Any network protocol, generally speaking, is not quite as secure as most people wish it was. Please stop this pointless thread, the only bug here is whether SetHostName should or should not be allowed to be changed by any user.. which is at worst a nuisance and I will open a bug upstream about this but I don't really see it as being a "big issue" and I'm not even sure that behavior should be changed. Regards, Trent -- SetHostName can be called by users https://bugs.launchpad.net/bugs/195140 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
