On Thu, Sep 30, 1999 at 08:05:32AM +1000, Craig Sanders wrote: > sorry, it's you who needs to wake up to the real world. > > if people don't know how to administer a unix machine then they need > to learn fast. Not true. Maintaining a unix-like machine for desktop or personal use requires a different skill set than a machine used as a server. People using linux as a windows replacement or because they want to see what linux is *don't need* a bunch of services enabled *by default*. And if there is no way to access the machine remotely then there's no harm if having a non-guru administer the machine. (It can be a security nightmare, but if no one can get in, it doesn't matter.) > no amount of molly-coddling by the distribution authors > (i.e. us) is going to obviate that essential requirement. maintaining > security on your own systems requires personal knowledge and experience, > it can not be done by proxy. Agreed, for machines that need public services. But I'm talking about defaults. Can you come up with a reason we *need* a bunch of stuff enabled by default? > the "we-know-better-than-you" attitude is what redhat and caldera (and > microsoft, for that matter) does. it sucks. debian has always done > better than that This is empty "we're better than them propaganda". Debian already makes choices in what services are installed and enabled by default. It does not follow that changing the *existing* list of services we enable by default implies a "we-know-better-than-you" attitude. (OTOH, saying "if you want to disable the service, remove the package--there's no reason to do anything else" does seem to imply such an attitude.) > > When we ship a system with a bunch of stuff enabled by default, > > we're not only putting their machine at risk but we're also creating > > problems for everyone else who's system is attacked by someone using > > the debian machine as a jump-off point. That's bad. > > that's bad. it's also bullshit. enabling daemons by default is not > inherently a security problem. A system with daemons disabled will always have a better guarantee of security than one with daemons enabled. In the not-so-distant past we've shipped systems with a vulnerable telnetd and a vulnerable ftpd enabled *by default.* If they'd been off instead of on they wouldn't have been a security problem for the many people who never used them. > see previous message. if a particular daemon is a problem then it needs > to be fixed or replaced or dropped from the distribution. changing the > default so that it is only enabled manually will NOT increase security > at all. See above. > > It's really time to get away from the mentality that everyone needs to > > have everything turned on all of the time; if a persone really *needs* > > something enabled, they can figure out how to do it. (If they can't, > > should they really be administering a network node?) > > if they don't need it then they shouldn't install the package. It's a default. Not everyone reads everything about every package--that's just the way things are, and we need to work with that in mind rather than building this wall of fantasy that we can do dangerous things as long as we bury a disclaimer in the docs. *That's* the commercial vendor's mentality you lamented previously. > why run debian (with all it's useful tools like update-inetd and > update-rc.d and so on) if you're going to throw away those advantages? Why does changing default behavior throw away advantages? What prevents you from using those tools if you want them? > it's damned annoying to see people trying to force their personal > preferences on everyone else by making loud noises about trumped up > nebulous and vague "security" issues. it would be nicer if such FUD were > left behind in the proprietary software world. What reasoning are you providing other than personal preference? Do you have any critique other than a misguided "that's what they do in the big bad proprietary software world?" (FYI, enabling everything by default is exactly what they do in the proprietary world because they don't have the courage to change things. Some vendors still have passwordless accounts because they're afraid to change things. I expect better from free software--"we've always done it this way" is not adequate defense.) Mike Stone
Attachment:
pgp6ga_o9r6KG.pgp
Description: PGP signature