[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ALL: PARANOID from /etc/hosts.deny Should be Commented by default

On Thu, Apr 19, 2001 at 02:11:24PM +1000, Craig Sanders wrote:
> On Thu, Apr 19, 2001 at 03:16:52AM +0200, PiotR wrote:
> > Seriously, i think you are missing the contact with reality in this
> > issue.
> actually, you are the one who is out of touch with reality.
> > When you start compromising usability in favor of security, you are
> > beening PARANOID.. And that is what is wrong in /etc/hosts.deny.
> security is *always* a compromise of usability. it is an inherent
> trade-off which can not be avoided.
> a completely open system is very usable...no annoying barriers to
> whatever action you want to perform, no wasting time with passwords or
> getting file permissions right or any other obstacle. just go ahead and
> do it.
> the trouble is that anyone else is also able to just go ahead and do
> whatever they want too. in order to prevent unauthorised people from
> messing with your system you have to compromise some of your usability.
> > Specially when we are talking about DEBIAN DEFAULTS!
> if you don't like the default, then change it. 

You are the one that should change it, since you are the one who demands specially exquisite security.

> debian provides a huge selection of text editors which will help you do
> that.

Who wants that if you have an hex editor arround?

> > Note that the majority of debian users don't have to be networking
> > gurus by default.
> true. that's exactly why we should provide secure defaults...so that
> their lack of expertise does not ensure that their system will be hacked
> within 5 minutes of it going live on the internet.

Removing ALL: PARANOID from /etc/hosts.deny wont lead to any hacked system, so It seems you don't know what we are discussing in this thread.

> craig
Pedro Larroy Tovar. PiotR | http://omega.resa.es/piotr/

Reply to: