[2621] in Release_7.7_team
Please strongly consider backing out the zephyr servers
daemon@ATHENA.MIT.EDU (John Hawkinson)
Mon Mar 5 11:07:47 2001
Date: Mon, 5 Mar 2001 11:07:43 -0500 (EST)
Message-Id: <200103051607.LAA27132@multics.mit.edu>
To: release-team@mit.edu, op@mit.edu
Cc: pismere@mit.edu
From: John Hawkinson <jhawk@MIT.EDU>
Hi,
As some of you have no doubt seen, it appears that the latest
zephyr server deployment has broken WinZephyr. There is strong
suspicion (from Greg) that this is because some additional security
checks were added to the zephyr servers, and WinZephyr is not sending
subscription messages authentically.
Garry and Greg have suggested that since WinZephyr is not
officially supported, it is appropriate to not back those changes
out.
I would like to strongly argue against this. There are a
reasonable number of WinZephyr users (I don't know how to quantify it)
who will be severely inconvenienced by WinZephyr not functioning. Many
WinZephyr users are not particularly technically savvy (being Windows
users) and relatively ill-equipped to deal with this sort of
problem. There is no currently available upgrade path (i.e. WinZephyr
release that correctly sends subscription messages authentically). The
counterargument seems to be twofold:
a) Reverting the code re-introduces a security vulnerability with
respect to forging subscriptions. But this vulnerability has been with
us for many years, and there are no known exploits, and it seems not
too likely that they will pop up, soon.
b) Reverting the code will break interrealm zephyr with CMU again.
Interrealm zephyr with CMU is a new feature that has already been the
cause of much instability in our zephyr environment, and has already
been broken for the past few weeks anyhow. I don't think there is
any serious dependency on it, whereas a number of users of Windows
environments at MIT (in many cases support staff and faculty as well
as students) will be inconvenienced by lack of WinZephyr support.
It seems clear to me that reverting the zephyr servers to restore
WinZephyr support is the most customer-focussed thing that can be done.
I would request that this be thought about and executed expeditiously,
if at all possible. It's been broken since Saturday evening and the
clock only moves forward.
Thanks.
--jhawk
p.s.: I include release-team as the relevant patches that affect this
were checked into the Athena source tree. I'm not sure what would be
a better place to raise this (owls?)
p.p.s.: I don't use WinZephyr, I'm just trying to act as an advocate.