Chip Salzenberg wrote: > According to sean finney: > > or if folks argue to keep nfs in standard, how about at least having > > portmap/rpc*/nfs-common default to disabled? > > Works for me, either way. Currently installing 'nfs-kernel-server' means that NFS is enabled after installation. Which is just perfect. If I did not want NFS enabled I would not have installed it. But wanting NFS I install it and having installed NFS then I do want it running. NFS servers and secure systems are both wonderful uses of Debian but no one talks about them on the same host. That would be silly. It is just that Debian is so useful to such a wide range of target applications that people get confused about the particular audience. If someone is installing NFS then they are obviously not worried about security. The typical example would be a technical workstation environment on a private network not attached to the Internet. Frequently running NIS/YP and all of the hosts can basically be be called one machine and all live in the same security domain. Meanwhile on a system exposed to the wild, wild, 'net security is very important. A typical case here would be a desktop attached to the Internet. Usually a workstation used by a single individual. Let's say a home high-speed internet connection. Typically used solely as a platform for client applications such as web browsers, editors, etc. Here the system should be clamped down and you would not want to be anything you did not need to be running. Hoping we can keep both uses of Debian easy and carefree. Bob
Attachment:
pgpfrAmnIV0ks.pgp
Description: PGP signature