[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: secure installation

On Wed, Aug 15, 2007 at 09:34:19PM -0700, Russ Allbery wrote:
> A default install should simply not listen to the network, at which point
> a firewall is pointless complexity.  I believe portmap is already
> listening only to localhost and inetd doesn't run if there are no services
> enabled.

Even if the default installation is "secure" in this sense, there are 
other packages in Debian that propose easy use to novice users but open 
up your computer quite a bit. For example just the additional selection 
of KDE gets you a running avahi daemon.
Inexperienced users may not even notice that they put their system at a

It's certainly a bad idea to force something onto users they may not 
But if a user installs a debian package that lowers his systems security 
there should be a big warning in the installer.

Michel Messerschmidt           lists@michel-messerschmidt.de

Attachment: signature.asc
Description: Digital signature

Reply to: