On Friday 20 Nov 2009 19:06:09 Per Jessen wrote:
Lars Müller wrote:
On Fri, Nov 20, 2009 at 07:12:50PM +0100, Per Jessen wrote:
Lars Müller wrote:
[ 8< ]
This is a simple and secure design decission (KISS). And this change was well documented.
Doesn't change a thing. Where was it documented by the way? I don't remember there being much community discussion about it.
http://download.openSUSE.org/pub/opensuse/distribution/11.2/repo/oss/docu/R ELEASE-NOTES.en.html
http://lists.opensuse.org/opensuse-factory/2008-03/msg00495.html
Ah yes, I do vaguely remember that - even if it was more than 18 months ago.
Funny to see who commented on the initial suggestion made by the security team and which suggestions people made.
Funny? Here are some the things I said back then -
"... but I don't see any reason for changing it at all. An unused sshd uses very little memory, and whatever it does use is very quickly swapped out."
"Having thought a litle more about it, I definitely vote no - that change would have only negligible effect for desktop-only/mostly users, whereas it would only create additional work for any server-install."
I also asked:
"What exactly is "better" about not starting sshd by default? " No useful answer.
I even pointed out that "Nobody has described any _actual_ improvements. Running sshd behind the default firewall does not make the system any less secure, and it does not waste any memory when it isn't used."
Nothing funny about me repeating myself, IMHO.
/Per Thing is this is supposed to be Open Open to ideas suggestions assistance improvements , But the only way it is open now is open to the ruling mafia with no care or attention to the users at all Very rapidly becoming the M$ Corp of the Linux world this is how it is like it or lump it .
Pete . -- Powered by openSUSE 11.2 Milestone 2 (x86_64) Kernel: 2.6.30-rc6-git3-4- default KDE: 4.2.86 (KDE 4.2.86 (KDE 4.3 >= 20090514)) "release 1" 19:19 up 13 days 4:45, 4 users, load average: 0.78, 0.61, 0.46