> On Mon, Apr 09, 2007 at 11:10:52AM -0500, Jon Ciesla wrote: >> +1. If the nailgun is unplugged, in the box, and the nails are in a >> separate box, why not ship them? Provide the functionality, but in a >> safe >> manner. Is this not the current state? > > a) It's really easy to turn on without recognizing the implications. > b) It's fairly easy to turn on full httpd without recognizing the > implications. > c) The most secure code is the code that's not on the box. > d) Having a) means that it's more difficult to notice when b) happens. Can a) occur without root access? If not, I don't think it's a huge issue. I can also turn on telnetd with root, or NFS share / with root, also failry easily. But they're secured by default as well. IF we're going to go down the path of removing software that's "Too dangerous" for users, why ship Perl? If a) is possible without root, then we do have an issue, as long as it allow access to system data. If it's just the user's data, then, well, isn't that the point? > > -- > Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> > Boston University Linux ------> <http://linux.bu.edu/> > > -- > fedora-devel-list mailing list > fedora-devel-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- novus ordo absurdum -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
