From owner-freebsd-security Wed Aug 15 10:32:38 2001 Delivered-To: freebsd-security@freebsd.org Received: from webs1.accretive-networks.net (webs1.accretive-networks.net [207.246.154.13]) by hub.freebsd.org (Postfix) with ESMTP id 1A13D37B40E for ; Wed, 15 Aug 2001 10:32:36 -0700 (PDT) (envelope-from davidk@accretivetg.com) Received: from localhost (davidk@localhost) by webs1.accretive-networks.net (8.11.1/8.11.3) with ESMTP id f7FGRrZ50712; Wed, 15 Aug 2001 09:27:53 -0700 (PDT) Date: Wed, 15 Aug 2001 09:27:53 -0700 (PDT) From: David Kirchner X-X-Sender: To: Eric Anderson Cc: , Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <3B7A8851.3523EC9B@centtech.com> Message-ID: <20010815092034.E38221-100000@localhost> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 15 Aug 2001, Eric Anderson wrote: > Good point, but thats a little different. Warning those who care > (subscribers of the list) about security advisories is MUCH different > than making the OS mute because a percentage of the installers can't > figure out (or don't know that they SHOULD figure out) how to turn off > sendmail, telnet, etc. It just won't save the experienced users any > time to have them disabled, and it won't stop the 'clueless' from being > just that. Microsoft failed to understand the responsibility they had to provide secure software out of the box. This failure has caused problems across the entire Internet. There's no reason why FreeBSD shouldn't take the responsible approach and provide a secure system out-of-the-box. A worm could easily be written to take advantage of a FreeBSD hole, such as the one found in telnetd. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message