On Fri, 19 Nov 1999, David Brownlee wrote:

> 	I would agree with you if the default was portmap=YES, but in
> 	-current the default is portmap=NO.
> 
> 	The argument now is that if I set 'nfs_client=YES' it should
> 	start everything needed to work as an nfs client.
> 
> 	I still support having an extra 'WARNING:' in this case, but
> 	I would expect it to start portmap.

I really, really object to it starting portmap unless it's been
specifically requested. It's better to have a system default to
being secure, and have the novice spend an hour trying to figure
out why it doesn't work, than to have it default to insecure, save
the novice an hour, and have a compromised machine later on.

I say put in the warning, add a question to the FAQ, and live with
the queries this generates on the mailing list.

cjs
--
Curt Sampson  <cjs@cynic.net>   917 532 4208   De gustibus, aut bene aut nihil.
The most widely ported operating system in the world: http://www.netbsd.org