Re: A few observations about systemd
On Thu, Aug 04, 2011 at 07:41:29AM +0200, Thibaut Paumard wrote:
> Hi,
>
> Le 03/08/11 17:23, Wouter Verhelst a écrit :
> > On Mon, Aug 01, 2011 at 03:17:51PM +0600, Andrey Rahmatullin wrote:
> >> On Sun, Jul 31, 2011 at 08:27:04PM +0000, Clint Adams wrote:
> >>> On Sun, Jul 31, 2011 at 05:38:43PM +0600, Andrey Rahmatullin wrote:
> >>>> I would be glad if all services (at least network-enabled or especially
> >>>> insecure for other reasons) didn't start by default.
> >>> Maybe everyone would be happy if there were a central place to set
> >>> the administrator's preferred policy.
> >> Making the "do not start by default" policy default for the distro should
> >> improve out-of-box security.
> >
> > Our policy has always been 'do not install by default', which obviously
> > implies 'do not start by default'.
> >
>
> I don't agree.
Actually, you do.
> When I install Debian on a laptop or workstation, I only
> want what I need, and most of the time I don't want a SSH or FTP server.
> But the day I need it, I install it and I want to use it right away to
> connect to my personal account. I don't want to spend minutes or worse
> understanding how to start it reliably and safely.
Well, yes. Our default is that we don't install something by default.
Obviously, if something isn't installed, it also isn't started -- you
can't run what you haven't got on your hard disk to start with.
If you do want it started, that means you need to install it first. Then
it makes very much sense it is started automatically.
Right?
--
The volume of a pizza of thickness a and radius z can be described by
the following formula:
pi zz a
Reply to: