Re: ramen worm
- To: tlug@example.com
- Subject: Re: ramen worm
- From: "Stephen J. Turnbull" <turnbull@example.com>
- Date: Mon, 22 Jan 2001 10:50:58 +0900
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset=us-ascii
- In-Reply-To: <XFMail.20010121143347.s-luppescu@example.com>
- References: <14953.22009.674901.18428@example.com> <XFMail.20010121143347.s-luppescu@example.com>
- Reply-To: tlug@example.com
- Resent-From: tlug@example.com
- Resent-Message-ID: <FmF9aC.A._LD.TL5a6@example.com>
- Resent-Sender: tlug-request@example.com
>>>>> "Stuart" == Stuart Luppescu <s-luppescu@example.com> writes:

    Stuart> Yeah, but I don't run an HTTP server on my machine, and
    Stuart> ftp is easier to set up than apache.

Hm?  All I had to do was edit one line in srm.conf, and that was a Debian bug.

Anyway, if you choose FTP rather than HTTP, I don't have a problem with that.  We're talking primarily about default initial installations, where (in the typical setup) everything gets enabled.

    >> And neither should be enabled by default.  Not even if you
    >> install the package.

    Stuart> Huh?  I don't get it.  If you don't intend to run the
    Stuart> server, why would you install the package?

To read the docs, for one.  I have had a few packages that I've installed for only one reason---to answer questions on this list.

To satisfy a brain-dead dependency, for another.

Because I _might_ use it, and I just ordered the "Happy Meal."  Which is the case in question; we're talking about initial installation, when people often pick something like "network server" so they can offer SMB shares to the Windose boxes on their LAN :-(.

    Stuart> Why make the user take the extra step to enable the
    Stuart> service after installation?  If you're saying the package
    Stuart> shouldn't be installed without giving the administrator
    Stuart> the choice, that's another thing.  But if the administrator
    Stuart> makes the active decision to install the ftp server (or
    Stuart> any other service), I don't see why it shouldn't be
    Stuart> enabled on installation.

So hand grenades should be delivered with the pin already pulled?

The reason is that "administrators" aren't making these decisions; ordinary lusers like me (not sarcasm, in this context my opinion is not Humble, but still I'm just an ordinary luser) and you are making these decisions.  You could argue that because you have the power to make these decisions, you're an "administrator."  I refuse to accept that definition.

An "administrator" is someone who has accepted the responsibility for what happens if they make the wrong decisions.  Somebody who delegates that responsibility to their pms is not an administrator.  People should be forced to stop and _think_ about what they're doing before offering services to the barbarians at the gate.  "Don't feed the bears," Yogi.

postnews used to ask you if you wanted to spam the world.  Most people will just keep going and bitch about the inconvenience.  I pity their neighbors.

I have yet to see a "user-friendly" set-up program that does these things very well.  (There are dedicated security audit scripts that do a pretty good job of catching mistakes.  But they're not config programs.)

If you have a dedicated "sacrificial lamb" outside your firewall, then there's no reason not to install-and-launch.  Most people, on the other hand, install on multi-use boxes _inside_ the firewall.  For example, at my university, the global webserver lives on a box that is both directly connected to the Internet and to the internal LAN, offers SMTP, FTP, and HTTP to both, and telnet (!) (I've bitched about this, maybe they've fixed it---but I'm on the "content committee", not the "operations committee", so my bet is they've ignored me) to at least the internal LAN.  Obviously the work of an MCSE; nothing evolved past the level of paramecium would consider that "safe".  And it's not like they don't have the budget to set up a sacrificial server.

_You_ may not care.  But if I lived on the same LAN that you do, _I_ would.  Computer security is like AIDS.  You may be willing to risk it, but remember, you're putting your family and friends in mortal danger.  More likely, you have no idea what you're exposing them to.  I only ask that you be given the opportunity to learn, before stuffing the plug in the socket.
-- 
University of Tsukuba                      Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences         Tel/fax: +81 (298) 53-5091
_________________  _________________  _________________  _________________
What are those straight lines for?  "XEmacs rules."
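The "stop and think before offering services" check the message asks for, as an added example that is not part of the original post, of any distribution's installer, or of the audit scripts it mentions: a POSIX shell snippet that reads `netstat -tln`-style output and lists every TCP listener bound to something other than loopback, then fails so an install script cannot just launch everything. The sample listener table is constructed here, not captured from any real host; the port-to-name table covers only the services the thread talks about (ftp, telnet, smtp, http, SMB); the function names `port_name`, `exposed_listeners` and `check_exposure` are this example's own.

```shell
#!/bin/sh
# Added example: audit which TCP services a freshly installed box is offering
# beyond loopback. The sample below is CONSTRUCTED to look like `netstat -tln`
# output; it was not captured from any real host.
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp        0      0 192.168.1.5:139         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN'

# Name the ports the thread talks about; anything else is reported by number.
port_name() {
    case "$1" in
        21)  echo ftp ;;
        23)  echo telnet ;;
        25)  echo smtp ;;
        80)  echo http ;;
        139) echo netbios-ssn ;;
        *)   echo "port-$1" ;;
    esac
}

# Print "PORT/tcp NAME" for every listener whose local address is not loopback.
# A socket on 0.0.0.0 or :: answers on every interface; one on a single LAN
# address (192.168.1.5 here) still answers to everyone on that LAN, which is
# exactly the neighbour the message is worried about, so both are reported.
exposed_listeners() {
    printf '%s\n' "$1" |
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" { print $4 }' |
    while IFS= read -r addr; do
        port=${addr##*:}   # text after the last colon
        host=${addr%:*}    # text before the last colon (works for ":::80" too)
        case "$host" in
            127.*|::1) ;;                # loopback only: not reachable from the LAN
            *) printf '%s/tcp %s\n' "$port" "$(port_name "$port")" ;;
        esac
    done
}

# Gate for an install script: succeed only when nothing is offered off-box,
# otherwise list what is and fail so the operator has to stop and think.
check_exposure() {
    found=$(exposed_listeners "$1")
    if [ -n "$found" ]; then
        printf 'Services reachable from the network:\n%s\n' "$found"
        return 1
    fi
    echo 'No services listening beyond loopback.'
    return 0
}

check_exposure "$SAMPLE" && echo 'OK to connect' || echo 'Fix this before plugging in'
```

On a real box you would feed the function `netstat -tln` (or `ss -tln`) output instead of `$SAMPLE`; the awk filter only assumes that the local address is the fourth column and the state is the last, which holds for both tools' default listing.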
- Follow-Ups:
- Re: ramen worm
- From: s-luppescu@example.com
- References:
- Re: ramen worm
- From: "Stephen J. Turnbull" <turnbull@example.com>
- Re: ramen worm
- From: s-luppescu@example.com