Re: Release update

To: debian-devel@lists.debian.org
Subject: Re: Release update
From: Steve Kemp <skx@debian.org>
Date: Mon, 29 Mar 2004 19:56:43 +0100
Message-id: <[🔎] 20040329185642.GC4006@steve.org.uk>
Reply-to: Steve Kemp <skx@debian.org>
In-reply-to: <[🔎] 20040329185245.GA10916@fysh.org>
References: <20040329144022.GA24540@riva.ucam.org> <[🔎] 20040329152459.GA27437@steve.org.uk> <[🔎] 20040329175005.GC17981@keid.carnet.hr> <[🔎] 20040329180159.GA1809@steve.org.uk> <[🔎] 20040329182606.GA13590@rembrandt.csv.ica.uni-stuttgart.de> <[🔎] 20040329185245.GA10916@fysh.org>

On Mon, Mar 29, 2004 at 07:52:45PM +0100, Zefram wrote:

> That would be a really bad idea.  Having the services only accept local
> connections would make some sense, but crippling the networking is not
> a good default.

  "Crippling" seems to be a harsh assessment.

  However going the other way and setting up all networking packages
 _by default_ to bind to only the local interface would be an acceptible
 alternative.

  The attraction of a firewalling-by-default approach would be that
 only one additional new package must be added, rather than updating
 all the networking packages.  (mysql, postgres, apache, bind, etc).

Steve  
-- 
# Debian Security Audit Project
http://www.shellcode.org/Audit/

Reply to:

References:
- Re: Release update
  - From: Steve Kemp <skx@debian.org>
- Re: Release update
  - From: Josip Rodin <joy@srce.hr>
- Re: Release update
  - From: Steve Kemp <skx@debian.org>
- Re: Release update
  - From: Thiemo Seufer <ica2_ts@csv.ica.uni-stuttgart.de>
- Re: Release update
  - From: Zefram <zefram@fysh.org>

Prev by Date: unstable in the middle of the Bokmal transition?
Next by Date: Re: [adam@flounder.net: Re: testing and no release schedule]
Previous by thread: Re: Release update
Next by thread: Re: Release update
Index(es):
- Date
- Thread