On Thursday 19 April 2001 17:33, Nathan Dabney wrote:
> How about we first ask the user upon install if they want to be able to
> accept outside connections at all.
>
> I think this thread could be solved by designing a few types of installs
> and giving defaults for host.deny and host.allow and other security points
> for each install scenario.
>
> Example:
> Basic Install - Workstation (no access)
> host.deny: ALL: ALL
>
> Basic Install - Workstation (some access)
> host.deny: ALL: PARANOID (or IPs)
>
> Basic Install - Server (some access)
> host.allow: ALL: ip list for accessible points
> host.deny: ALL: PARANOID (prompt user for preference)
>
> Expert Install - Asks user what they want, IP based or paranoid or none.
>
> We *need* a "secure by default" install option for people that may want to
> use it.

That seems really perfect to me. But I've read in this thread of possible
problems that removing ALL:PARANOID can lead to (thanks Anthony Towns - among
others :)). What about warning the user of them so he will know the
"secondary effects" of such a trivial decision?

> What does everyone think of a /etc/security.policy file with a few security
> flags set upon install that packages can read during later installs or
> upgrades to see if they should be open or closed by default?

Great idea.