KELEMEN Peter wrote:

* Peer Janssen ([EMAIL PROTECTED]) [20050908 15:53]:

[...] I'm sending mail to root to an external network account.
I fail to see how this is arpwatch's problem.  Your reasoning
can be used for *every* application that sends mail to root.
Handling root's mail securely is *your* responsibility, not the
applications'.

I agree with this, but when I installed this root mail forwarding, I chose to do so, while arpwatch sent its mails right away and immediately after the install, without giving me any choice. Since arpwatch discloses information about IPs and MACs of the internal network as well as hardware info, I consider this a security risk.

I learned about this behavior only from the mails I received. Then I read the man page and discovered my options, and changed the setup.

You might say that this is a non-secure way to approach an installation of a new program, and that I should have read the man page and the sources before installing. Maybe, it's a valid point of view. My point of view also is that the package is not secure out of the box, and I consider this as valid, too.

The solution would be:
- deactivate sending mail by default (simply logging in syslog, which arpwatch does do as well, seems perfect to me), and/or
- asking the user a question at installation time if this is the desired behavior.

Btw, other than this, I'm quite satisfied with arpwatch, and I also appreciate the progress since woody's version.

Regards
Peer


