[CentOS] Re: Unknown rootkit causes compromised servers
Scott Silva
ssilva at sgvwater.com
Tue Jan 29 16:35:31 UTC 2008
on 1/29/2008 8:00 AM Chris Mauritz spake the following:
> Milton Calnek wrote:
>> If you don't like the defaults, get anaconda to change them for you.
>> Or write a script that you run shortly after install to make the
>> changes for you.
>
> That would be pretty amazing if at the end (or at the beginning) of the
> install there was some checkbox that said something to the effect of:
>
> "Would you like to maintain compatibility with upstream security
> defaults or would you like to follow our more sensible recommendations
> instead?"
>
> And if the user chooses the latter, a much more secure default
> configuration could be applied. That might go a long way towards
> helping non-wizard folks to enjoy some measure of additional protection
> by default. Just a thought.
>
But again, that breaks upstream compatibility.
Besides, all of you know that there are people that click "yes" on every
dialog box without reading them. I swear that if you added a dialog box that
stated their firstborn would be sacrificed to the IT gods, and recorded the
answers, you would get a large percentage of "yes" clicks. And most of those
would be unintentional.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080129/67e05137/attachment.sig>
More information about the CentOS
mailing list