Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default

To: debian-devel@lists.debian.org
Subject: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
From: PiotR <piotr@omega.resa.es>
Date: Thu, 19 Apr 2001 03:29:16 +0200
Message-id: <[🔎] 20010419032916.E5361@omega.resa.es>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20010418165750.U4217@osdlab.org>; from smurf@osdlab.org on Wed, Apr 18, 2001 at 04:57:50PM -0700
References: <[🔎] 20010418091902.O12115@flounder.net> <[🔎] Pine.LNX.4.30.0104182134190.13067-100000@tangramayne.pandemonium.de> <[🔎] 20010418135551.T12115@flounder.net> <[🔎] 20010418145534.V6381@plato.local.lan> <[🔎] 20010418182846.A13470@mercared.com> <[🔎] 20010418164315.S4217@osdlab.org> <[🔎] 20010418164841.C12115@flounder.net> <[🔎] 20010418165750.U4217@osdlab.org>

On Wed, Apr 18, 2001 at 04:57:50PM -0700, Nathan Dabney wrote:
> On Wed, Apr 18, 2001 at 04:48:41PM -0700, Adam McKenna wrote:
> > On Wed, Apr 18, 2001 at 04:43:15PM -0700, Nathan Dabney wrote:
> > > It doesn't have to be a big security win.  It's still a win.  It provides the 
> > > additional security as opposed to shipping with the distro's pants down.
> > 
> > It's not a win.  It provides _nothing_ except confusion for newbie sysadmins.
> > If we're going to have a default, it might as well be something useful.
> 
> I disagree, it's a small win.  The reasons for which have already been covered
> in this thread.  Just because the things it helps provide are not important to 
> you doesn't mean nobody would like them.
> 
> > > It's not too aggressive.  Would you prefer we ship with ssh allowing root logins and a default of no password for root so users can us without having to 
> > > understand what they are doing?
> > 
> > There are many other, better ways to increase security than enabling paranoid
> > host checks by default.  And most of them are just as easy.
> 
> Other yes, should we ignore this one, now.
> 
> I would prefer ALL: ALL in hosts.deny as a default.

I think this violates the possible "Debian default:worlwide acces" that I have previously mentioned.
> 
> -Nathan
> 
-- 
Pedro Larroy Tovar. PiotR | http://omega.resa.es/piotr/
piotr@omega.resa.es

Reply to:

Follow-Ups:
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: cfm@maine.com
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Nathan Dabney <smurf@osdlab.org>

References:
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Adam McKenna <adam@debian.org>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Nils Jeppe <nils@pandemonium.de>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Adam McKenna <adam@debian.org>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Ethan Benson <erbenson@alaska.net>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: José Luis Rey <jrey@mercared.com>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Nathan Dabney <smurf@osdlab.org>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Adam McKenna <adam@debian.org>
- Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
  - From: Nathan Dabney <smurf@osdlab.org>

Prev by Date: Re: character sets
Next by Date: Re: Sendmail FEATURE() syntax incorrect
Previous by thread: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Next by thread: Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default
Index(es):
- Date
- Thread