port-mac68k: Re: HELP ON 1.3 BOOT

Subject: Re: HELP ON 1.3 BOOT
To: <>
From: T. Sean (Theo) Schulze <71410.25@compuserve.com>
List: port-mac68k
Date: 11/21/1997 18:30:04
>>> IIRC, "RC_CONFIGURED" was introduced to increase security, i.e. to avoid
>>> letting the machine boot in multi-user in an insecure setup. The advice
>>> given above means "forget it, be as insecure as it used to be". I'm aware
>>> that this is NetBSD, not OpenBSD (which is sooo much more secure :-), but
>>> we nevertheless should care about security sufficiently.
>>
>>I believe this is true, but it also serves as a note to new users that
>>there is at least 1 file that they need to look at right away.  Otherwise,
>>some people might not take note of it.  This way, you have to look at
>>/etc/rc.conf in order to have a useful system.
>
>Exactly, but they should not be forced to do this in single user mode, with
>a number of actions to be performed first. For example, new users without
>much unix experinence quite likely will not understand why they can not save
>their edited rc.conf while (what they are not aware of) having / mounted
>read-only. That's why it's in the FAQ, I guess ;-)

Sorry if this is somewhat late.  I am about a hundred messages behind 
(literally).

Isn't this more a question of audience?  How many of NetBSD's initial 
users, that is, users who have just started using NetBSD, are experienced 
Unix administrators?  I would imagine not many.  I know I'm not (as my 
questions here have shown).  Shouldn't the initial setup be geared toward 
the somewhat novice user, making the assumption that a *free* Uni*x would 
attract people who really want to learn what Unix is, but are not ready 
to shell out what it costs for a SCO or BSD?  Experienced Un*x users 
could still use NetBSD, but would by virtue of their experience be 
knowledgeable of the security concerns. Isn't it reasonable to assume 
that many NetBSD users are first time Un*x users?  Particularly since in 
the case of NetBSD/mac68k they are probably coming from an OS that is 
only extremely remotely related to Un*x?  I would also suggest that any 
experienced Un*x user/administrator coming to NetBSD who did not consider 
the security aspects and configure his system accordingly deserves what 
he gets.

Cheers,

Sean.


                 T. Sean (Theo) Schulze
71410.25@compuserve.com             TSSchulze@aol.com
*****************************************************
There is, however, a limit at which forbearance ceases
to be a virtue. -- Edmund Burke