Hi, Le 03/08/11 17:23, Wouter Verhelst a écrit : > On Mon, Aug 01, 2011 at 03:17:51PM +0600, Andrey Rahmatullin wrote: >> On Sun, Jul 31, 2011 at 08:27:04PM +0000, Clint Adams wrote: >>> On Sun, Jul 31, 2011 at 05:38:43PM +0600, Andrey Rahmatullin wrote: >>>> I would be glad if all services (at least network-enabled or especially >>>> insecure for other reasons) didn't start by default. >>> Maybe everyone would be happy if there were a central place to set >>> the administrator's preferred policy. >> Making the "do not start by default" policy default for the distro should >> improve out-of-box security. > > Our policy has always been 'do not install by default', which obviously > implies 'do not start by default'. > I don't agree. When I install Debian on a laptop or workstation, I only want what I need, and most of the time I don't want a SSH or FTP server. But the day I need it, I install it and I want to use it right away to connect to my personal account. I don't want to spend minutes or worse understanding how to start it reliably and safely. Regards, Thibaut.
Description: OpenPGP digital signature