Klaus Ethgen wrote: > A black day in the security of Debian. Well.. One more. Absolutely true,... :-( Now that we have Ubuntu as competitor, which is nicely coloured and where everything "just works", let's try to imitate (and integrate Ubuntu stuff) as much as possible. Or even better,... let's use Windows as archetype. Why don't we add any user to the root group automatically!? Or even better give him/her full sudo rights!? Doesn't the typical desktop installation serve just one user anyway? I really love Debian and the great work of its people, but security seems to be dead. I don't talk about the work of the security team. I talk about hardening. I've seen so many examples recently, e.g. (IIRC) changing the default for portmap back to "bind to any interface". And I could list dozens of other examples, where packages behave(d) in a more or less insecure way or where a rather "open" default configuration was chosen. Forgive me my sarcasm and flames above, but honestly: It's a sad day, Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature