Re: Debian two-factor auth, GSoC?

[Russ Allbery <rra@debian.org>]

Kevin Chadwick <ma1l1ists@yahoo.co.uk> writes:

> Does it require a JRE to be installed (which the security community
> avoids for good reason), if so then it does reduce your server/machine
> security,

Oh, for heaven's sake.

I've been doing systems administration professionally for twenty years and
maintaining and contributing to core computer security software for
fifteen years.  I am by any reasonable definition part of the "security
community," and I will tell you that installing a JRE on a system does
nothing more to compromise the security of your system than installing a
compiler or installing Python on your system.

It's a PROGRAMMING LANGUAGE, people!  Put the FUD down carefully and step
away from the crack pipe.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>