On Sat, Jul 21, 2001 at 09:02:54PM -0700, Jacob Meuser wrote: > > Oh, I guess anyone can say something like "Four years without a remote > hole in the default install!" on the internet, where anyone is free to that quote is pure marketing. they don't count the recent ftpd remote root hole in that `four years' because they stopped activitating ftpd in the default install of OpenBSD 2.7, which was released only a very short time before the hole was discovered. the kernel hole (basically the same ptrace race the linux kernel had previous to 2.2.19) was only locally exploitable so that `doesn't count' since its not remote. > prove them wrong, and get away with it? Assuming it is "rubbish", as > you say. try reading bugtraq. > If anyone who reads the posts I made looks at them with an objective > outlook, they will see that my message is clearly stated. no its not you change your position every time a falicy is pointed out. > Starting services by default is a bad idea. and you keep pointing at OpenBSD as an example of a distribution that doesn't start any services, if you had ever actually installed an OpenBSD box you would see that is not true. as for debian services are only started if you install them, a very logical assumption. criticising debian's choices in regards to what services are priority: standard could be a valid argument. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgp1xz5hTusd1.pgp
Description: PGP signature