On Sat, Oct 02, 1999 at 03:53:43PM +1000, Anthony Towns wrote: > On Fri, Oct 01, 1999 at 11:53:19PM -0500, The Doctor What wrote: > > The idea was not to say that "since I work for *a company* I'm an > > authority". My point was that I work in the "real world" and have a > > counter example. > > And of course, everyone else on the list doesn't work in the "real world", > and just plays in their own little pointless sandpit. Feh. > > That *is* offensive. > > (And if we all do live in the "real world" then there's nothing special > about the fact that you do too, so you wouldn't bother pointing it out, > right? So since it was necessary to point it out, the rest of us must > be cloistered academics, or insulated children or something, yes?) > > ``I work for TurboLinux, and this is the way we do it...'' is all very > well. > > ``I work for TurboLinux. This is the way you should do it.'' is less so.
I was saying that I have "real world" (counter) examples. Namely mine. He suggested that Michael Stone wasn't in the real world. Michael Stone was offering the same opinion of Craig Sanders. Craig obviously has real world experience, as per his web site http://siva.taz.net.au/~cas/ And running a home machine (Like azure http://azure.humbug.org.au/~aj) is real too. The fact I work at TurboLinux gives me *zero* right to say "it should be so". The fact I use Debian and like Linux does give me the right to say, "*I* think it should be done this way". I did not say anyone else is or is not in the real world. For the most part, I let people decide that for themselves. > In any case, I fail to see how pressing `_' in dselect before any > unnecessary daemons are installed could possibly be less secure than > saying "No, I don't want services activated by default" and then > installing them anyway. This isn't about increasing security per se, > it's about either increasing choice (so you can install daemons even > if you don't want to run them for whatever reason), or about giving you > more knowledge about what's going on (so that when you install linuxconf > you find out that it comes with a remote configuration thingo). Both are secure. Asking a user at install time gives the following advantages (in order of importance to me): * Ability to run concurrent 'same service' servers (more choice!) * Ability to *not* run a server on install (more choice) * A clear indication that this package uses the net * Security by default. A user can ignore it, but it isn't 'reasonable' to go any further and force this down their throat. So in that respect, we are on the same page. I agree. I just think that all packages should ask. If one wants a global switch that says: "Run all daemons at install: (y/n/Ask)" Fine! I'd love it! I'd be very happy. Ciao! -- Any member introducing a dog into the Society's premises shall be liable to a fine of one pound. Any animal leading a blind person shall be deemed to be a cat. -- Rule 46, Oxford Union Society, London The Doctor What: Un-Humble http://docwhat.gerf.org/ [EMAIL PROTECTED] (finger [EMAIL PROTECTED] for PGP key) KF6VNC