* Ondrej Zajicek: >> You could also have an 'ENABLED' variable like some files in >> /etc/default have (so that ports wouldn't be opened by default; the >> user would have to manually enable them for the port to be opened). > > Better way is just not start that daemon.
The daemon might have been installed by a package dependency, more or less by accident. Debian should have a policy that all daemons bind to the loopback interface by default, but as long as this is not the case, I can understand why people put paket filters on hosts as a safety net. On the other hand, at this stage, it's very difficult for Debian as a distribution to choose what firewall scripting framework should be used. (But I don't think this is worth the effort.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
