Prana <[EMAIL PROTECTED]> writes:
[...]
> Also another this is: servers still start by default. I've said about
> this many times, nobody listens. Now I hope that services be turned off
> by default. SuSE 7.1, Redhat 7.0, the next 7.1, BestLinux have already
> turn off the services by default. 90% of people has been complaining and
> no developer @ MandrakeSoft is willing to listen. This is a bad thing
You really think that we don't listen to people on Cooker? This is
disappointing.
> for security, and someday I believe that someone will give ** _really
> nasty_ proofs of concepts** if the network services are still turned on
> by default (with the exception of ssh or webmin). I'm sorry, but this is
> really unacceptable.
Actually we had a really tough battle on internal ML's lately on this
subject. Basically, our security folks think as you.
Our current policy can be explained like that:
(1) We assume that when you want a server installed, that most probably
means that you want it activated because you will use it ;
(2) Recently (since 7.2 in a decent fashion) we've realized that we
installed too much things "in the back of automatic install", so the
fact that (1) existed needed a fix: because we thought (1) was very
valid (I still need to be convinced that it's not) the best fix was to
not install any server packages in the newbie (e.g. recommended)
install.
> Oh well. I love Mandrake, but I don't want to be forced those services
> that I have turned off again. It is super annoying. Ask everybody. Once
Yeah this is a bug.
--
Guillaume Cottenceau - http://us.mandrakesoft.com/~gc/
