[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities

* elijah wright <elw@stderr.org> [040727 19:40]:
> and it probably would have been fine, if you'd been running a stock
> config.

If things only have to be fine when using a stock config, why not
abolish all those limiting rules about /etc and just disallow the
use to cope with it directly and keep it under total control of
the packaging system and some configuration managment like some
YaST ported to Debian? </SARKASM>

> with great power comes great responsibility (for your customized servers
> :) )
> in general i don't like the thought of funky hacks being added to packages
> just to avoid stomping all over someone else's custom setup.

Hallo? This is Debian. Changing a configuration file is proper and
intended use of the system. Making such things break is the worst thing
after remote root exploits and deleting arbitrary data in my eyes. And
I think in many other people's eyes, who choose Debian.

	Bernhard R. Link

Reply to: