On Mon, Jan 9, 2012 at 9:07 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: > > > Am 09.01.2012 07:27, schrieb Ed Marshall: >> On Sun, Jan 8, 2012 at 5:42 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: >>> if a software-package, information, disclosure is NOT NEEDED it has >>> to be disabled - again: take some security education! >> >> And, there we go. >> >> Convince upstream to change their behavior (but, read their FAQ on >> this exact question first, and try to understand why they've chosen >> that stance), or convince the current openssh package maintainers why >> they should patch the Fedora version of openssh in defiance of >> upstream's wishes. > > would you please realize that sshd was only ONE sample > > but well, so i will hestititate useful requests in the future and > continue rebuilding half of the distribution by my own to get rid > of nonsense like unsecure defaults If not showing the version makes you fell more secure you are free to do that it is free software after all. But just because it makes *you* *fell* more secure does not mean that you gain any security by doing so but well... that is no reason to change half of the distribution to unnecessarily diverge from upstream. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
