From release notes for FC5T3 (web)
Rahul Sundaram
sundaram at fedoraproject.org
Tue Mar 7 12:06:25 UTC 2006
Jim Cornette wrote:
>
> Security issues should be set with rational defaults where services
> that can decrease security need to be manually activated to install. I
> hope that security issues are dealt with regardless to whether one has
> a fully loaded arsenal of packages or a limited installation.
The potential security issues are not limited to open ports and running
services but having the system affected through exploits on the
software installed even when you might have never used them.
> I vaguely recall one program that even if it was not set active, the
> default password was set to something like Q and would hinder security
> on a Linux install. I do not recall what the program was though.
> Your point that having a package with dangerous capabilities does
> hold water for this previous problem with older installs. One could
> hack in and have the tools they need in order to command ones computer.
Its better to make the post installation package management flexible
enough to deal with all kinds of use cases on adding and removing
additional software on the system IMO.
--
Rahul
More information about the fedora-list
mailing list