On Wed, Apr 01, 2009 at 08:38:46PM +0200, Patrick Schoenfeld wrote: > Well, its only about *new* services after installation. The intention > behind that is that some people don't like to run un- or half-configured > daemons immediately after installing them.
It's Debian policy that packages should come with a reasonable default configuration. If a given package provides a default configuration for a service that is not reasonable, you should take that up with the maintainer of that package. Note that this does not imply "any service that ships enabled is buggy". It means only that the maintainer of the package is responsible for ensuring the default behavior isn't insecure or horrid. Demanding that services one selects for installation not be enabled out-of-the-box is not a prerequisite to achieving the policy goals; that has more to do with placating control-fetishizing admins than with ensuring secure defaults. > > I like the homogenization part of your proposal, but the default policy > > should be set by packages themselves, not by the local administrator. > Well, thats an opinion I can't agree less with. Yes, I accept that there > are special cases, but the default really should be that the admin has > the last word. Well, I don't see in what sense this is a "default". The default is what's shipped in the package. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
