Re: red worm amusement
Jacob Meuser <jakemsr@clipper.net> writes:
> Still not the point. I'm talking about services being enabled, either
> by default, or by apt-get.
[...]
> ftpd is not enabled by default.
So imagine someone looking for a ftp-server, and, as it happens to be
the case, finds one, say, per locate, in /usr/libexec, which already
has a line corresponding to it in /etc/inetd.conf, though commented
out...
> There are many ways to locally compromise any Unix-like OS,
> therefore it has a rather low priority.
This sounds a bit illogical to me. If there are 'many ways', shouldn't
it rather be 'high priority', especially, as this renders per-daemon
uids basically useless?
> And whose going to teach them? Certainly not an OS that makes it as
> easy as 'apt-get install apache'!
OSs don't teach people anything, documentation does. Which won't get
read anyway or at least be ignored.
> Maybe you don't get it. A system that is compromised poses a danger
> to EVERYONE ON THE INTERNET.
So what? Try a cable-cutter.
--
stone me
Reply to: