[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: red worm amusement

On Sat, Jul 21, 2001 at 10:57:39PM +0100, Nik Butler wrote:
> Jacon Said:
> >> .  I doubt everyone who is running servers on Debain (by choosing to do
> so during
> >> the 'oh so easy' installation) really knows what they're doing.
> Grr, talk about giving companies like mine a bad name, Im promoting Open
> Source software and and its benefits, I gotta sit here on a saturday
> afternoon , playing catchup with my email and read comments like this.
> sigh.
Don't get my wrong.  Debain is great, and I think it's fantastic that 
you're helping to spread the good word.

I just think it's dangerous (and somewhat irresponsible) that
'apt-get install apache' installs AND starts apache AND adds links in
/etc/rd?.d, so that apache will be running everytime the box is started.
Not to mention one doesn't even have to look at httpd.conf.  For those
that do know how to safely run servers, is it really that time consuming
to do these things yourself?

I think 'apt-get'ting a service should first display some sort of warning.
It should be rather technical, perhaps confusing to people who don't
know anything about running servers, so it at least makes them think twice
about installing said service.

I know security and useability are (at least said to be) inversely 
proportional.  It seems to me that Debain is more concerned about
useability than security, which is bad for the rest of the internet.
(I know, Debian is not the only distro that makes running servers 
dangerously easy, but I look at Debian as the example that others should
follow ;)


Reply to: