On Fri, 2002-02-08 at 02:20, Pixel wrote: > Bryan Paxton <[EMAIL PROTECTED]> writes: > > > On Thu, 2002-02-07 at 23:05, Steve Fox wrote: > > > Sorry if this has been discussed before, but why is the default security > > > level low? I would think medium should be default since the help text > > > recommends it for any Internet connected computer. I'm doing an expert > > > install. > > > > I agree it should be at level 3 (medium)... Haven't actually installed > > mdk in a while (update manually), this is disappointing to hear that > > it's been at level 2 (a very insecure level). > > level 2 is not a very insecure level > > AFAIK, there's not much difference between level 2 and 3 with current msec. > The major differences: > - X port 6000 is closed in level 3 (and i won't accept a default install which > breaks xhost +foobox) > - ssh-server allows login as root in level 2 > $ printenv | grep SEC SECURE_LEVEL=3 [kk1@mach1 19:27:35 kk1]$ ssh -l root mach2 root@mach2's password: Last login: Thu Feb 7 00:38:43 2002 from mach1.net.work [root@mach2 root]# printenv | grep SEC SECURE_LEVEL=3
Am I missing anything? =-= kk1