Hi all! I don´t want to increase the traffic on this list about this diskussion, but...
A "normal user" instead normally does not have a internet connection 24h a day and also no static ip-adress. So it´s not very important, if the security-level of the system is not very high. Sounds like Security Through Obscurity. That, "...is the microsoft approach... and should never be allowed" [-- Linus Torvald] I´m hard working for secure systems. But everyone knows, that this is not done by a distribution itself. I´m also thinking, that telnet is such useful as win95 ,) and it would be nicer if suse will disable telnet as default. But when do you mean your system/ distribution is secure enough. The apache daemon designed as helpsystem is a good idea - why not?
By the way; pop3, imap, ftp, telnet, samba without encrypt passwords, nis are not secure. So, if you´re planing to sell a secure distribution, you must not distribute netscape, because all users can configure a pop3 account. ;) pop3 without ssl, oder imap without ssl is a high risc. Maybe now you understand my comment right: "So it´s not very important, if the security-level of the system is not very high". Secure systems are in any cases important - but I think, you can´t define it deffinetifly when a distribution is good enough. Ok, I´m quite. :) Liebe Gruesse, Stephan Lauffer [ Paedagogische Hochschule Freiburg - Systemtechnik - Germany ] [ ZIK Zentrum fuer Informations- und Kommunikationstechnologie ] [ Tel.: 0761 - 682 459 Mobil: 0172 - 7145 197 ]