On Sun, Jun 22, 2008 at 4:42 PM, Simo Leone <simo@archlinux.org> wrote:
On Sun, Jun 22, 2008 at 06:36:41PM +0200, Arvid Ephraim Picciani wrote:
before a specific point in arch history we used to tell people that making a system "secure" and "easy" is the job of a sysadmin.
For people who like a default "security" without rtfm, there is always debian.
Ehhh... true, but I always read it as "We provide sane and secure defaults, but the rest is up to you".
By using different users, we are providing secure defaults. Sort of like /etc/hosts.deny denies all connections by default.
I agree with Simo and Jan here. While we could easily take the "do it yourself" road, I always preferred the "sane defaults" side of Arch, myself. That is - install some crap and it works out-of-the-box in a pretty decent manner. It's a very small stretch from "sane defaults" to "secure defaults". Unless you think sane != secure.