Lee wrote: > There was this bit in the debian-devel mailing list > > >> To make this happen for trixie, I don't see how to do it. Anyone having > >> the old 'signify' package on their system would get OpenBSD's signify > >> instead of the new 'signify-mail' package after an upgrade. Is that > >> problem really worth caring about? > >No: popcon == 58. > > If you don't have popcon enabled, why not? > > I have it enabled and I'm not seeing a real downside to having it > enabled. What am I missing?
A security policy that requires a good reason to enable contact in either direction across a firewall. That's a set of boxes between 100 and 1000 that I'm responsible for, all running Debian. In general, the people who enable popcon are more likely to have laptops than desktops, and much more likely to run on a desktop than on a server. They are more likely to be in charge of 1-10 machines, all with haphazard policies, than in charge of a fleet of machines with a unified policy. -dsr-
