[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Release update

Chip Salzenberg wrote:
> According to sean finney:
> > or if folks argue to keep nfs in standard, how about at least having
> > portmap/rpc*/nfs-common default to disabled?
> Works for me, either way.

Currently installing 'nfs-kernel-server' means that NFS is enabled
after installation.  Which is just perfect.  If I did not want NFS
enabled I would not have installed it.  But wanting NFS I install it
and having installed NFS then I do want it running.

NFS servers and secure systems are both wonderful uses of Debian but
no one talks about them on the same host.  That would be silly.  It is
just that Debian is so useful to such a wide range of target
applications that people get confused about the particular audience.

If someone is installing NFS then they are obviously not worried about
security.  The typical example would be a technical workstation
environment on a private network not attached to the Internet.
Frequently running NIS/YP and all of the hosts can basically be be
called one machine and all live in the same security domain.

Meanwhile on a system exposed to the wild, wild, 'net security is very
important.  A typical case here would be a desktop attached to the
Internet.  Usually a workstation used by a single individual.  Let's
say a home high-speed internet connection.  Typically used solely as a
platform for client applications such as web browsers, editors, etc.
Here the system should be clamped down and you would not want to be
anything you did not need to be running.

Hoping we can keep both uses of Debian easy and carefree.


Attachment: pgpfrDA6AUvgP.pgp
Description: PGP signature

Reply to: