Date: Thu, 14 Sep 2000 10:14:31 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Ade Lovett <ade@FreeBSD.org> Cc: "Louis A. Mamakos" <louie@TransSys.COM>, security@freebsd.org Subject: Re: potential security exposure in GNOME/ORBit? Message-ID: <Pine.BSF.4.21.0009141013300.64302-100000@freefall.freebsd.org> In-Reply-To: <20000914120949.E73990@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 14 Sep 2000, Ade Lovett wrote:
> > What may be better is to make those settings the default policy, and then
> > install an orbitrc.sample showing how to override them and only remove
> > that file, not orbitrc.
>
> So you'd be happy with installing an orbitrc.sample, followed by
> a pkg/MESSAGE printout telling them to merge it with any existing
> orbitrc they might have, otherwise their box could be insecure?
No, I'd like the binary itself to default to not listening on the network
with a way to enable it, and install the sample file telling them how to
enable it if they need to. That way the default security isn't compromised
and we don't spam anyone who may have local changes in their orbitrc.
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009141013300.64302-100000>