"J. Lewis Muir" <jlmuir%imca-cat.org@localhost> writes:

> +1 I want the default to be safe/secure, even if the package has to
> go out of its way to make it that way. The user can then configure
> or enable things, but without doing anything, the default should be
> safe/secure.

Even stronger, I would say that installing a package should not cause anything to run automatically. This is true of new things in base; e.g. you have to put sshd=YES to turn it on.

The other issue is replacing (shadowing) commands already present in base. (There is an issue with bin/su in heimdal, but I think it's just a usability issue, not a security one.)