Date: Tue, 23 Nov 1999 16:13:16 -0700 From: Wes Peters <wes@softweyr.com> To: Brian Handy <handy@lambic.physics.montana.edu> Cc: James Gill <gill@topsecret.net>, security@FreeBSD.ORG Subject: Re: Disabling FTP Message-ID: <383B1F8C.60DC2726@softweyr.com> References: <Pine.BSF.4.10.9911230851120.11134-100000@lambic.physics.montana.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Handy wrote:
>
> >> tell that to -advocacy.
> >
> >If they can't install it, they won't ever stay with it. The solution to
> >this is to create install profiles, including a "clueless newbie" install
> >that turns on everything but warns them this can be dangerous. A little
> >doco that explains WHY it's dangerous wouldn't hurt.
>
> Seems to me the solution is even simpler than that -- there's a question
> in the [emphasis] "NOVICE" [/emphasis] install that asks if you want to
> turn on anonymous ftp. Why not just extend that a bit to ask if you want
> ftpd turned on at all, and put the appropriate hook in rc.conf like we do
> with so many other things?
There may be as many as 20 little knobs to turn on and off; this is NOT
going to SIMPLIFY the install. At a glance, ftp, telnet, shell, login,
finger, ntalk, ident, and smtp are all ones to put in the Q&A, and that's
just glancing through /etc/inetd.conf quickly. A newbie isn't going to
know what to do about any of them. So, you give them a button that says
"I'm a newbie, let me install an OPEN system" and then point them at a
document that tells them what the differences between the "Newbie OPEN"
install and the "Expert Closed" install are, and why they differ.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
wes@softweyr.com http://softweyr.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?383B1F8C.60DC2726>