Servers going online automatically?
Hi! I'd discuss Debian's policy about server packages (e.g. pure-ftpd) going online automatically after "apt-get install" (and a reboot) without informing the operator.
I read somewhere that it's an old Debian tradition that server packages behave do that. However, since the documentation of those packages doesn't necessarily give the user a clue about that behavior, servers with unwanted configuration (possibly half-configured) may occasionally go online inadvertently, which can be a security risk.
Now, I am not expecting to get that policy changed just like that but would it be a good idea to mandate some documentation, perhaps a notification to the package description, for those packages that expose such an interface to the world without user interaction?
Regards,
Vesa
Reply to: