[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Packages should not Conflict on the basis of duplicate functionality

On Wed, Sep 29, 1999 at 03:51:37PM +1000, Craig Sanders wrote:
> On Wed, Sep 29, 1999 at 12:52:16AM -0400, Mark W. Eichin wrote:
> > True, but don't forget the case of an initial install - you pick some
> > profile, and get lots of stuff, with no hints.  (In this case, I like
> > they idea of a debconf global flag of "prompt me about daemon
> > enablement", which is kind of the *reverse* of what most people want
> > debconf for...)
> IMO that's the price you pay for saying "install a whole bunch of random
> stuff i haven't personally selected". if you cared, you'd take the time
> to vet all selections yourself. if you don't care, accept whatever the
> selection set gives you. if you discover later that you actually DO
> care, then uninstall or disable the relevant package.

The fantasy is over--WELCOME TO REAL LIFE! It turns out that some people
install linux without preexisting knowledge of how to securely
administer a unix machine. When we ship a system with a bunch of stuff
enabled by default, we're not only putting their machine at risk but
we're also creating problems for everyone else who's system is attacked
by someone using the debian machine as a jump-off point. That's bad.
It's really time to get away from the mentality that everyone needs to
have everything turned on all of the time; if a persone really *needs*
something enabled, they can figure out how to do it. (If they can't,
should they really be administering a network node?) This isn't a UI
issue, this is a matter of security and of us taking responsibility for
the state of quite a few systems out on the internet which will be
configured according to *our* defaults.

Mike Stone

Attachment: pgp2dEo4gD4Wy.pgp
Description: PGP signature

Reply to: