From owner-freebsd-current  Fri Jul 28 17:39:55 2000
Delivered-To: freebsd-current@freebsd.org
Received: from dt052n3e.san.rr.com (dt052n3e.san.rr.com [204.210.33.62])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3D30B37B5C3; Fri, 28 Jul 2000 17:39:51 -0700 (PDT)
	(envelope-from DougB@gorean.org)
Received: from gorean.org (master [10.0.0.2])
	by dt052n3e.san.rr.com (8.9.3/8.9.3) with ESMTP id RAA12353;
	Fri, 28 Jul 2000 17:39:50 -0700 (PDT)
	(envelope-from DougB@gorean.org)
Message-ID: <398227D5.9E7AEAA5@gorean.org>
Date: Fri, 28 Jul 2000 17:39:49 -0700
From: Doug Barton <DougB@gorean.org>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.73 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Eivind Eklund <eivind@FreeBSD.org>
Cc: current@FreeBSD.org
Subject: Re: *** HEADS UP *** rc.conf changes (security)
References: <20000729004143.M45306@ee.follo.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Eivind Eklund wrote:

> This change might seem a little counterintuitive (given that
> /etc/defaults/ are for defaults, after all) but seems to be the best
> compromise for both getting the functionality jkh wants (freshly
> installed boxes have active daemons, so users don't feel they have a
> lot of extra hassle to get things up and working like they are used to
> on other Unixen), and give FreeBSD a default secure config, meaning
> the insecurities stand out.

	FWIW, I totally support this change. Personally, I think the default for
everything should be "off," and the admin should be required to enable the
services he needs. Eivind, it's good to see you, even semi-active. :)

Doug


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message