Re: [POSSIBLE GRAVE SECURITY HOLD]

["der.hans" <deb-entwick@LuftHans.com>]

On Thu, 3 Feb 2000, Nils Jeppe wrote:

> On 2 Feb 2000, John Goerzen wrote:
> 
> > It is NOT an insecure default.  It is being used in an insecure way.
> 
> Not in your limited field of view, but in the greater picture, it
> obviously is. I have said before, the majority of Debian users are not
> going to be effected by it. Still means it has to be fixed one way or the
> other. What's the big deal of asking people during the installation if
> they want this feature disabled? I get bothered by the

How about making a task-physical-security which fixes this, passwd
protects lilo, makes the monitor spin 3 times anytime anyone makes a tpyo
and whatever else might be needed?

It could also be done the other way with a task-physical-insecurity
(task-post-root-to-usenet?). Whatever.

> pcmcia-deinstall-question with every install too, and I think it's safe
> that only a tiny fraction of debian systems have any use for pcmcia. ;)

I find that one annoying, especially when it asked me that on my laptop,
which was installing via nfs over the pcmcia ethernet card :).

ciao,

der.hans

-- 
# +++++++++++=================================+++++++++++ #
# The Linux for YOUR Business seminar, Feb 8th in Phoenix #
#           http://www.excelco.com/seminar3.htm           #
#                  der.hans@LuftHans.com                  #
#             http://home.pages.de/~lufthans/             #
#          Science is magic explained. - der.hans         #
# ===========+++++++++++++++++++++++++++++++++=========== #