M. Warner Losh wrote: > : When you change defaults on a running system, you piss off a lot of users. > : Including me. :-) > When we fail to take reasonable steps to preclude intruders from > gaining access to your system, we'd likely piss you off more if you > knew about it :-(.
Hey, I intentionally said nothing about the desirability of such a change. I just don't believe that changing the defaults of a running system is a good idea. Perhaps changing the defaults for newly-installed systems _is_ a good idea, about that I have no opinion, but when I do a mergemaster and something very basic stops working, it's not more secure, it's just broken. I don't object to more secure systems (far from it), I just object to sudden changes in systems I run. These systems have _already_ been secured against intrusion; like any administrator worth his salt, I've taken steps to secure the borders of my network(s). Inside my network, though, things are less secure because I know I can trust myself. It seems easy enough to create an /etc/rc.overrides script with a large "Danger Will Robinson" message to annoy a sysadmin into looking at it and containing the old defaults. -- Frank Mayhar [EMAIL PROTECTED] http://www.exit.com/ Exit Consulting http://www.gpsclock.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
