Date: Sun, 01 Oct 2000 09:23:39 +0100 From: Adam Laurie <adam@algroup.co.uk> To: Michael Bryan <fbsd-security@ursine.com> Cc: security@FreeBSD.ORG Subject: Re: cvs commit: ports/mail/pine4 Makefile (fwd) Message-ID: <39D6F48B.EC92A921@algroup.co.uk> References: <200009301404.e8UE4xU64460@cwsys.cwsent.com> <Pine.LNX.4.10.10009302338320.29650-100000@jamus.xpert.com> <20000930152917.E25121@149.211.6.64.reflexcom.com> <39D6707D.CEAB26E2@ursine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Bryan wrote: > > "Crist J . Clark" wrote: > > > > On Sat, Sep 30, 2000 at 11:43:20PM +0200, Roman Shterenzon wrote: > > > Still, I think the default should be "insecure" install, since most > > > machines are firewalled. > > > > [...] > > > > I guess I am one of the few that thinks we should default off for the > > good of the newbie user, rather than save the newbie 5 minutes of RTFM > > to turn on telnet and ftp. Just everyone hope no exploit like the > > recent SGI telnetd bug is ever found hiding in FreeBSD's telnetd. > > I agree, mainly for the reasons you state --- the newbies that are most > likely to install with defaults and no tweaking are often those who are > running in environments where they need the most protection. The default > install should be all services off, with an easy means to enable them > explicitly during and after an install. You can add my vote to that. cheers, Adam -- Adam Laurie Tel: +44 (20) 8742 0755 A.L. Digital Ltd. Fax: +44 (20) 8742 5995 Voysey House Barley Mow Passage http://www.aldigital.co.uk London W4 4GB mailto:adam@algroup.co.uk UNITED KINGDOM PGP key on keyservers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39D6F48B.EC92A921>