From owner-freebsd-security Thu Sep 21 23: 8:14 2000 Delivered-To: freebsd-security@freebsd.org Received: from tandem.milestonerdl.com (tandem.milestonerdl.com [204.107.138.1]) by hub.freebsd.org (Postfix) with ESMTP id 0BEE537B422 for ; Thu, 21 Sep 2000 23:08:10 -0700 (PDT) Received: from tandem (tandem [204.107.138.1]) by tandem.milestonerdl.com (8.10.0/8.10.0) with ESMTP id e8M67ZL53534; Fri, 22 Sep 2000 01:07:35 -0500 (CDT) Date: Fri, 22 Sep 2000 01:07:35 -0500 (CDT) From: Marc Rassbach To: Brett Glass Cc: Wes Peters , nbm@mithrandr.moria.org, security@freebsd.org Subject: Re: sysinstall DOESN'T ASK, dangerous defaults! (Was: Re: wats so special about freeBSD?) In-Reply-To: <4.3.2.7.2.20000921182152.046d6ee0@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org As an effort to attempt to keep 'the peace'....why not provide the options of a 'install nothing' (like openbsd) 'install like a desktop' 'install like a server' 'install everything' and these options are from the 'easy install' (in the past called novice) Or, perhaps as part of a net install, load your install profile over the wire. (that fully scriptable install fantasy....) In such a scripting world, the standard as shipped can be as BSDi/FreeBSD wants, and BrettBSD can be set up as Mr. Glass wants. Set options to suck the script from net/cd/floppy/audio tape on the cassette interface/paper tape/data lines and load swich/telepathic link/whatever..... I could make a whole bunch of suggestions, but then I'd have to code them, so I'll sit back down and shut up. On Thu, 21 Sep 2000, Brett Glass wrote: > I wind up spending hours agonizing over the configuration of every > FreeBSD install I do, because I have to turn off many of the defaults > which could potentially compromise security or waste resources. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message