PS, mainly on safety (was Re: Incredible F8 updates : DEFEAT & CAVEAT)

Sun Dec 9 20:39:39 UTC 2007

On Sat, 08 Dec 2007 10:47:58 -0500, David Boles wrote:

> The default Fedora install gives you Fedora (Everything) and Fedora
> Updates enabled. All others default to disabled.
> 
> In order to use the other repos, any of them, *you* had to *enable*
> them. Which can be done by root in a text editor or one of several GUIs
> provided by Fedora.

	As I have explained, I had completed a fresh install, run yum 
update, and begun running a finer-toothed comb than either anaconda or 
yum, namely pirut.My point was that one of the defaults in pirut is new, 
and effectively pushes itself on the unwary.

> So please explain to me how your enabling the defaulted disabled repos
> while not understanding what you were doing, your PEBCAK if you will, is
> Fedora's fault? IMMV but I make the effort to know what I am doing
> *before* I do it. It's safer that way.  ;-)

	Applying ugly acronyms is beneath you, and does no one any good 
-- especially ones that amount to calling names.

	You surely are not saying, are you, that the "Customize now" 
option in anaconda is put there to be a stumbling block nor a pitfall? 
Nor that customizing at all is to be discouraged??

	I have almost always used it, and found it more convenient than 
the "Customize later" choice.

	There are quite a lot of things that no user on any machine of 
mine will ever invoke -- some I don't use, and some are reputed to be 
security risks, even (if not especially) on active linux discussion 
lists. (I try to follow several besides this one.)

	The new pirut default *forces* me to enable *something* -- until 
I get rid of that default to medium, pirut will fail me. Putting the DVD 
back in would be counterproductive and silly.

	But pirut calls for it! To eliminate that, I get a new and 
uncommented list of choices.

	Fwiw, I can and do make large efforts at caution, even while 
appreciating the need to tinker with any such OS as Fedora; among those 
is not just disabling but uninstalling any server I can -- such as all 
the chat ones.

	I never enable nor download even "testing" anything; actually 
enabling the development repo must have been a brain fart. I don't 
dispute that; I suggest that it carry a caveat.

	(There are things I do enable, notably livna -- I would not have 
wanted a machine in my house without Pine, before Alpine came out.)

	One reason it happened is that I do quite often yum telling me I 
need <xyz>-devel for something that has long proved perfectly safe for me 
to run. I said so in my earlier post.

	You certainly don't *have* to allow for users who can't write 
code; some otherwise excellent developers plainly despise us. But those 
who do so allow might wish to erect some sort of caution sign in this new 
place; they have in others, and many of us count that a virtue.

	It is such a virtue, in fact, that after having done the fresh 
install over, I have just run pirut (avoiding unfamiliar repos like the 
plague!) on three machines at once, twice -- browse choice by browse 
chioce (hitting Apply at least once in each), and then alphabetically 
through the list. 

	That helped me spot things I could remove, since two machines had 
been running fine without them; and I'm sure I'm safer because of it.

-- 
Beartooth Staffwright, PhD, Neo-Redneck Linux Convert
Remember I know precious little of what I am talking about.