Thus spake Terry Lambert <[EMAIL PROTECTED]>: > David Schultz wrote: > > Aah...we'd better put uucp back in the base system, then. Never mind > > that it might have security problems that we don't know about. :P > > I can guarantee you that having a computer booted has security > problems that we don't know about, so the logical thing to do, > from that persepective, is to power everything off. > > 8^p back at ya...
That would, of course, be impractical. If you want to take everything to extremes, the other option is to ignore security entirely. Statistically, it makes sense not to leave potentially insecure fluff lying around unless removing the fluff would be vastly inconvenient. The whole business of what is enabled by default is of particular concern because many FreeBSD users are not Unix gurus. You learned Unix before security was a major concern, but many people don't have that advantage. The defaults should afford a reasonable degree of security, and people should be able to turn on other features as they begin to understand them. I am not proposing to create a system that is virtually unusable by default, a la OpenBSD, but it is not unreasonable to disable by default a feature that most people do not use. People who want and understand the feature can turn it on easily enough. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
