[2624] in Release_7.7_team
Re: Please strongly consider backing out the zephyr servers
daemon@ATHENA.MIT.EDU (Jeffrey I. Schiller)
Mon Mar 5 13:35:45 2001
Date: Mon, 5 Mar 2001 13:35:23 -0500
From: "Jeffrey I. Schiller" <jis@MIT.EDU>
To: Greg Hudson <ghudson@mit.edu>
Cc: John Hawkinson <jhawk@mit.edu>, release-team@mit.edu, op@mit.edu,
winzephyr-release@mit.edu
Message-ID: <20010305133523.D620@mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200103051749.MAA28112@egyptian-gods.MIT.EDU>; from ghudson@MIT.EDU on Mon, Mar 05, 2001 at 12:49:16PM -0500
Folks, this is going to give IS a black eye with our customers. Please
back out the changes, please do it today, before the storm. Thanks.
-Jeff
On Mon, Mar 05, 2001 at 12:49:16PM -0500, Greg Hudson wrote:
> (cc changed from pismere to winzephyr-release per Tom's mail.)
> > b) Reverting the code will break interrealm zephyr with CMU again.
>
> Oh, we can pretty easily revert the checksum change without reverting
> all the interrealm stuff. So the only issue is:
>
> > a) Reverting the code re-introduces a security vulnerability with
> > respect to forging subscriptions.
>
> Regardless of whether there are known exploits, I'd like this
> vulnerability gone. I think reverting the server code is likely to
> mean the vulnerability will be with us for a very long time, since it
> will take the pressure off of fixing winzephyr.
>
> If we have current winzephyr users who are not technically savvy
> enough to be prepared to upgrade, then that's unfortunate, because
> they are testers. But there is a limit to how much IS should keep
> promises it never made.
>
> > There is no currently available upgrade path (i.e. WinZephyr release
> > that correctly sends subscription messages authentically).
>
> I've volunteered to help Ian fix the winzephyr code. I don't know how
> fast he can put out a release.