On Sat, 2002-04-27 at 16:03, Havoc Pennington wrote: > Rui Miguel Silva Seabra <rms 1407 org> writes: > > This sort of stuff should NEVER be done automatically by default. > Think about it for a minute. How often do you install a machine, plug > it into the ethernet jack, but NOT immediately put it on your network? > I can't think of any time I've done that. If you connect it to the > network physically you intend to have it on the network. > I'd have a good firewall enabled by default, though. And this is > something you'd want to do in a desktop setup, not for servers, of > course. It's still valid that it should not be enabled by default, for security reasons. A more reasonable thing to do, would be to have AN OPTION to try to detect and use dhcp automatically in the "Networking" gui, and have that option DISABLED BY DEFAULT. > > How about just having a gui in "Networking" to setup the lan connection? > > It would have to change global settings, so it must be allowed by PAM or > > something, but if you want the user to have that option, that's the way > > to do it, not magically assume something, specially in such an hostile > > environment such as the net is. > Magic assumptions can make things more secure, not less, for the > average case. e.g. auto-firewalling. auto-firewalling, maybe... but AFTER user has manually selected dhcp. Networking, unfourtunately, is an environment where danger is ubiquitous. Hugs, rms -- + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Ghandi + So let's do it...?
Attachment:
signature.asc
Description: This is a digitally signed message part