From owner-freebsd-security  Wed Aug 15 10:37:47 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail3.enter.net (mail3.enter.net [63.65.0.23])
	by hub.freebsd.org (Postfix) with ESMTP id A931337B409
	for <security@FreeBSD.ORG>; Wed, 15 Aug 2001 10:37:44 -0700 (PDT)
	(envelope-from gaving@enter.net)
Received: from grabes2.enter.net (grabes2.enter.net [63.65.2.36])
	by mail3.enter.net (8.11.2/8.11.2) with ESMTP id f7FHbiT61749
	for <security@FreeBSD.ORG>; Wed, 15 Aug 2001 13:37:44 -0400 (EDT)
Date: Wed, 15 Aug 2001 13:35:14 -0400 (EDT)
From: Gavin Grabias <gaving@enter.net>
To: <security@FreeBSD.ORG>
Subject: Re: cvs commit: src/etc inetd.conf
In-Reply-To: <20010815092034.E38221-100000@localhost>
Message-ID: <Pine.LNX.4.33.0108151331340.27240-100000@grabes2.enter.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> Good point, but thats a little different.  Warning those who care
> (subscribers of the list) about security advisories is MUCH different
> than making the OS mute because a percentage of the installers can't
> figure out (or don't know that they SHOULD figure out) how to turn off
> sendmail, telnet, etc.  It just won't save the experienced users any
> time to have them disabled, and it won't stop the 'clueless' from being
> just that.

Security is starting to sound like a bug instead of a feature for FreeBSD.
We are arguing about whether users can use a text editor to edit their
inetd.conf.  The secure approach would be to disable all services by
default.  If the user wants "features" make him/her read about them and
educate themselves.  Then they can make the decision as to whether they
want the service enabled.

Regards,

Gavin Grabias - System Administration
********************************************************************
      ENTER.NET - "The Road to the Internet Starts Here!" (tm)
  (610) 437-2221 * http://www.enter.net/ * email:support@enter.net
********************************************************************



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message