Jeroen Dekkers wrote:
On Tue, May 21, 2002 at 06:09:08PM +0200, Marcus Brinkmann wrote:Al those features are useful. Nobody is claiming that the Hurd shouldn't have these features, or shouldn't have firewall features. The Hurd should have everything anybody ever wants ;)By first reading this I agreed with you. After pondering about this issue I claim that the Hurd should not have IP filtering features. The fact is that because of the Hurd's design IP filtering is *not useful*. The only reason I can come up with is a system administrator trying to limit what the user does. This is directly against the GNU philosophy of user freedom. The whole GNU system (including the Hurd) is designed around this user freedom. (I got this logic from the book "Free as in Freedom")
That is ridiculously stupid.A sysadmin's system is his. Not the user's, and not your's. He should be free to pursue _his_ philosophy about security. If end-users have a problem with it, they can buy their own box, and become sysadmins themselves.
Now speaking as a professional sysadmin, if the Hurd operates on the kind of thinking you describe, I'll forbid attaching it to any network I manage.
Given that the Internet is a lot like a warzone these days, with unsecured systems being cracked within minutes of going online, I don't believe anyone should even consider shipping a general-purpose OS without IP filtering.
The Hurd's design is so secure that it makes firewalls immoral IMHO.
This is a priceless quote. I couldn't think up anything that surreal if my life depended on it.
---Nathan -- To UNSUBSCRIBE, email to debian-hurd-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org