On Fri, 12 Mar 2010 19:21 -0700, "Theo de Raadt" <dera...@cvs.openbsd.org> wrote: > > On Fri, 12 Mar 2010 18:25 -0700, "Theo de Raadt" > > <dera...@cvs.openbsd.org> wrote: > > > That's a lot of words. > > > > > > The default configuration is not going to be changed in this way. > > > > To be honest, my patch is selfish. I get perfect vulnerability > > assessment scores on OpenBSD boxes when doing vulnerability scans until > > I enable Apache. Turning Indexes off gets me back down to zero > > vulnerability status... the unreachable ground of the Linux admin ;) > > Compliance an audit folks like perfect scores too. > > So you wanted us to do bullshit damage to the ease of using OpenBSD? > > It is beyond selfishness.
My apologies. The look on the Linux peoples faces when they see all of these OpenBSD boxes with *0* vulnerabilities compared to the 200 to 300 of their own drove me to it. I'll not do it again. Brad
