tech-kern archive

Re: Removing PF



> the questions raised were: why would someone use an insecure
> firewall?

(1) "[A]n insecure firewall" strikes me as an attempt to beg the
question.  Security is not a boolean.  All firewalls are insecure; all
_code_ is insecure.  The only question is, how insecure, and against
what threats.  (Rule of thumb: anyone who calls something "secure" or
"insecure" without giving any indication of the threat model in
question either doesn't understand security or hopes you don't; neither
alternative is good.  It's not universally applicable - here, for
example, I suspect you were just being a bit over-brief - but it's been
remarkably useful to me.)

(2) To answer the question, leaving aside the question-begging attempt:
because the code does something they want done.  (Surely you could have
come up with that much on your own.)  If, for example, I wanted a
firewall with an FTP proxy, I might well decide that that is important
enough to me to be willing to tolerate whatever flaws PF may have.
Code that mostly does what I want, even if it has some flaws, is often
preferable to code that lacks the flaws but also doesn't actually do
what I want done.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

