Am 21.04.2014 12:58, schrieb Mauricio Tavares: > On Mon, Apr 21, 2014 at 3:42 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: >> >> Am 21.04.2014 03:39, schrieb Lars Seipel: >>> Nicely aligning with the current firewall thread I noticed that one of >>> my machines was running the exim MTA for the last few days, dutifully >>> listening on all interfaces >> >> and now it is *proven for sure* that disable the firewall >> by default is the most dumb thing a distribution can do >> >> drago01 will now say again "that is a bug" >> yes, in that case in *two* packages at the same time >> but hwat matters is the impact of a bug >> >> * smartmontools wanted sendmail instead MTA for sending sysmessages >> * sendmail obviously has a braindead default configuration listening on all ports >> * sendmail service is obviously enabled at install time even if smartmontools >> only need /usr/sbin/sendmail >> >> all things i said that they are happening and will happen again and again >> while they get fixed here and there - again and again - that's life >> >> so you can run in circles and shout "that is a bug" which is >> true and while you are fix it it brings people in trouble >> or you have by default a security layer which hopefully does >> not open port 25 automated because you install sendmail >> >> the next problem: even if such a bug is fixed the affected users >> keep to be fucked because the updated smartmontools only require >> any MTA (which is correct) and so nothing will remove sendmail >> on that machines nor close port 25 after a update of smartmontools >> > If all smartmontools need is to just send emails out, I would > suggest using something like ssmtp or msmtp which needs configuration local mail-pickup don't and no i am not interested in discussions who reads that mails serious users / admins do after they realized existence and after that also the mails from the past but you missed the point: because such things can happen a OS must not be shipped with a disabled firewall these days - period
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
