Re: Debconf or not debconf

To: debian-devel@lists.debian.org
Subject: Re: Debconf or not debconf
From: Matt Zimmerman <mdz@debian.org>
Date: Wed, 2 Jul 2003 23:04:19 -0400
Message-id: <[🔎] 20030703030419.GM4426@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20030702183453.7fb4752b.jpenny@universal-fasteners.com>
References: <[🔎] 200307011712.09325.speedblue@debian.org> <[🔎] 20030702014001.GB6719@quetzlcoatl.dodds.net> <[🔎] 20030702105029.6c494b6e.jpenny@universal-fasteners.com> <[🔎] 20030702205700.GG14635@tennyson.netexpress.net> <[🔎] 20030702183453.7fb4752b.jpenny@universal-fasteners.com>

On Wed, Jul 02, 2003 at 06:34:53PM -0400, Jim Penny wrote:

> Because of security considerations.  The configuration file is read on
> startup, and then stunnel chroots away, so that it is no longer visible.
> The command line interface leaked information, internal IP structure,
> internal ports, etc. that a really paranoid person might prefer not be
> visible.

I do not see how this change helps the situation.  If there was previously a
command line interface, and this was removed, that is not enabling the user
to do anything new.  Adding the configuration file functionality allows the
user to do something they previously could not, but it doesn't seem
necessary to remove other functionality in order to accomplish this.

-- 
 - mdz

Reply to:

References:
- Debconf or not debconf
  - From: Julien LEMOINE <speedblue@debian.org>
- Re: Debconf or not debconf
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: Debconf or not debconf
  - From: Jim Penny <jpenny@universal-fasteners.com>
- Re: Debconf or not debconf
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: Debconf or not debconf
  - From: Jim Penny <jpenny@universal-fasteners.com>

Prev by Date: Re: Debconf or not debconf
Next by Date: Re: G++ 3.2 transition: How're we doing?
Previous by thread: Re: Debconf or not debconf
Next by thread: Re: Debconf or not debconf
Index(es):
- Date
- Thread