[arch-general] [arch-dev-public] adding http user/group to filesystems
Aaron Griffin
aaronmgriffin at gmail.com
Mon Jun 23 10:59:30 EDT 2008
On Sun, Jun 22, 2008 at 4:42 PM, Simo Leone <simo at archlinux.org> wrote:
> On Sun, Jun 22, 2008 at 06:36:41PM +0200, Arvid Ephraim Picciani wrote:
>>
>> before a specific point in arch history we used to tell people that making a
>> system "secure" and "easy" is the job of a sysadmin.
>>
>> For people who like a default "security" without rtfm, there is always debian.
>>
> Ehhh... true, but I always read it as "We provide sane and secure
> defaults, but the rest is up to you".
>
> By using different users, we are providing secure defaults. Sort of like
> /etc/hosts.deny denies all connections by default.
I agree with Simo and Jan here. While we could easily take the "do it
yourself" road, I always preferred the "sane defaults" side of Arch,
myself. That is - install some crap and it works out-of-the-box in a
pretty decent manner. It's a very small stretch from "sane defaults"
to "secure defaults". Unless you think sane != secure.
More information about the arch-general
mailing list