On Sun, Jun 22, 2008 at 4:42 PM, Simo Leone <simo@xxxxxxxxxxxxx> wrote: > On Sun, Jun 22, 2008 at 06:36:41PM +0200, Arvid Ephraim Picciani wrote: >> >> before a specific point in arch history we used to tell people that making a >> system "secure" and "easy" is the job of a sysadmin. >> >> For people who like a default "security" without rtfm, there is always debian. >> > Ehhh... true, but I always read it as "We provide sane and secure > defaults, but the rest is up to you". > > By using different users, we are providing secure defaults. Sort of like > /etc/hosts.deny denies all connections by default. I agree with Simo and Jan here. While we could easily take the "do it yourself" road, I always preferred the "sane defaults" side of Arch, myself. That is - install some crap and it works out-of-the-box in a pretty decent manner. It's a very small stretch from "sane defaults" to "secure defaults". Unless you think sane != secure.
