From owner-cvs-etc Wed Aug 2 02:48:46 1995 Return-Path: cvs-etc-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.11/8.6.6) id CAA26379 for cvs-etc-outgoing; Wed, 2 Aug 1995 02:48:46 -0700 Received: from server.netcraft.co.uk (server.netcraft.co.uk [194.72.238.2]) by freefall.cdrom.com (8.6.11/8.6.6) with ESMTP id CAA26373 ; Wed, 2 Aug 1995 02:48:38 -0700 Received: (from paul@localhost) by server.netcraft.co.uk (8.6.11/8.6.9) id KAA12549; Wed, 2 Aug 1995 10:47:12 +0100 From: Paul Richards Message-Id: <199508020947.KAA12549@server.netcraft.co.uk> Subject: Re: cvs commit: src/etc gettytab To: jkh@time.cdrom.com (Jordan K. Hubbard) Date: Wed, 2 Aug 1995 10:47:12 +0100 (BST) Cc: rgrimes@gndrsh.aac.dev.com, jkh@freefall.cdrom.com, CVS-commiters@freefall.cdrom.com, cvs-etc@freefall.cdrom.com In-Reply-To: <2224.807351138@time.cdrom.com> from "Jordan K. Hubbard" at Aug 2, 95 01:12:18 am Reply-to: paul@freebsd.org X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Content-Length: 1648 Sender: cvs-etc-owner@freebsd.org Precedence: bulk In reply to Jordan K. Hubbard who said > > > Your claimed reason for the original change here is bogus anyway. > > The system clearly identifies itself once you login: > > > > FreeBSD 2.1-STABLE (GNDRSH) #0: Thu Jul 27 12:18:30 1995 > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > Bzzt! > > That's only if you let it beat out your /etc/motd for you, not if you > maintain your own. It also misses the point. Those that desire this > change can now quickly check the version of a machine without even > having to log into it. You just connect and say "ah". > I'm against thist change too. Strangely enough we just had a similar discussion on the apache development list about this. Announcing info without authentication is BAD. Why the burning need to go *adding* rope for inexperienced to hang themselves? I'd like to hear just one valid reason for announcing anything other than the hostname before a login? Why do you need to see anything before you login, if you have an account there a re a myriad ways to find out the same info, the ONLY other possible reason would be if you were randomly connecting to sites trying to find an OS with holes. We simply shouldn't even provide that functionality. Yes, people can leave wide open accounts if they're inexperienced but there's no easy way to ship a system that's already secure but I seen no reason to add knobs that allow inexperienced admins to make the system less secure. -- Paul Richards, Bluebird Computer Systems. FreeBSD core team member. Internet: paul@FreeBSD.org, http://www.freebsd.org/~paul Phone: 0370 462071 (Mobile), +44 1222 457651 (home)