On Sat, Jul 02, 2005 at 11:42:40PM +0200, Marco d'Itri wrote:
> On Jul 02, Wouter Verhelst <firstname.lastname@example.org> wrote:
> > Well, then the 'foundation of Internet security' is very weak, I'm
> > afraid. It's plain stupid to rely on someone else to get _your_ security
> > working correctly. Think about it.
> There is also the quite important point that even the most stupid of the
> attackers could just look at ~/.bash_profile instead and get all or most
> of the hostnames anyway, so I still do not see the benefits of enabling
> this option by default.
Also, this is not true in a world where many desktop users are using GUI
frontends to sftp or the like.
Colin Watson [email@example.com]