From owner-freebsd-arch  Wed Oct 11 12:41:34 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26])
	by hub.freebsd.org (Postfix) with ESMTP id 6B1C737B71B
	for <arch@FreeBSD.ORG>; Wed, 11 Oct 2000 12:05:16 -0700 (PDT)
Received: (from dillon@localhost)
	by earth.backplane.com (8.11.0/8.9.3) id e9BJ59X21786;
	Wed, 11 Oct 2000 12:05:09 -0700 (PDT)
	(envelope-from dillon)
Date: Wed, 11 Oct 2000 12:05:09 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
Message-Id: <200010111905.e9BJ59X21786@earth.backplane.com>
To: Marius Bendiksen <mbendiks@eunet.no>
Cc: arch@FreeBSD.ORG
Subject: Re: cvs commit: src/etc inetd.conf 
References:  <Pine.BSF.4.05.10010110202310.51005-100000@login-1.eunet.no>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


:
:>     Nobody is saying we should remove these programs, only that they
:>     should not be turned on by default.  They should be commented out
:>     in inetd.conf (like everything else in inetd.conf) so the machine
:
:Why not make them turned on by default, and make a package which makes
:your system secureish? Such a package can be installed from the usual
:sysinstall procedure.
:
:>     isn't poked full of holes when someone turns inetd on without looking 
:>     at inetd.conf.  I can't imagine why anyone would do that, I guess
:
:"If someone points a gun at their foot, and pull the trigger, it is Unix'
:task to reliably deliver the bullet to it's intended target." - phk, iirc.
:
:It should not be our task to cover for people in such a fashion. If they
:are unable to secure the system by themselves, they can install such a
:security port. If they fail to do even that, then they can use Windows
:2000, which by most accounts is getting close to stableish.
:
:Marius

    There's being 'reasonable' and there's being 'unreasonable'.  This 
    type of argument doesn't wash when the reasonable thing to do, with
    the availability of ssh, is to make things 'reasonably secure' by
    default.  You can't ask for more, but neither should you require
    less.  The lowest common denominator is not telnet or ftp any more.

						-Matt


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message