On Wed, Apr 01, 2009 at 03:54:22PM -0700, Steve Langasek wrote: > On Wed, Apr 01, 2009 at 08:38:46PM +0200, Patrick Schoenfeld wrote: > > Well, its only about *new* services after installation. The intention > > behind that is that some people don't like to run un- or half-configured > > daemons immediately after installing them. > > It's Debian policy that packages should come with a reasonable default > configuration. If a given package provides a default configuration for a > service that is not reasonable, you should take that up with the maintainer > of that package.
Yes. This does however not imply nor is it required that it implies that the admin agrees with what the Debian maintainer calls reasonable. I mean: C'mon, we can't even agree with each other as the Developer body, why should every admin agree with all of us? > Note that this does not imply "any service that ships enabled is buggy". It > means only that the maintainer of the package is responsible for ensuring > the default behavior isn't insecure or horrid. Demanding that services one > selects for installation not be enabled out-of-the-box is not a prerequisite > to achieving the policy goals; that has more to do with placating > control-fetishizing admins than with ensuring secure defaults. Well, I didn't say that it is for achieving policy goals. > > Well, thats an opinion I can't agree less with. Yes, I accept that there > > are special cases, but the default really should be that the admin has > > the last word. > > Well, I don't see in what sense this is a "default". The default is what's > shipped in the package. Well, default was related to the mail I answered to. Best Regards, Patrick -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
