Re: Can't get interfaces????

Subject: Re: Can't get interfaces????
From: Dejan Muhamedagic (dejanm@aon.at)
Date: Tue Jul 25 2000 - 17:26:29 EDT

• Next message: andrew morgan: "Re: Authentication Issue: Wits end"
• Previous message: Greg Lincoln: "Re: Authentication Issue: Wits end"
• In reply to: Tom Fitzgerald: "Re: Can't get interfaces????"
• Next in thread: Harry Zink/Netatalk List: "Re: Can't get interfaces????"
• Reply: Dejan Muhamedagic: "Re: Can't get interfaces????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I couldn't agree more about not turning on every possible service.
And about how bloated redhat and suse became.

However, in this case it is different, because placing an alias in
conf.modules doesn't necessarily mean that appletalk support is
going to be loaded. Even then, the module itself can't provide a
service---it is the userland atalkd/afpd/papd that offers a
service.

At risk of being too hard on new users-admins: it seems that
nobody cares to read the documentation. That makes the "Release
notes" obsolete here.

Anyway, it shouldn't be too difficult to put together a small
procedure to check the Appletalk kernel support availability and
to stick it in a Makefile for "make install", or in a rc script.
However, this should be done for all supported platforms and not
only for redhat/linux.

Best regards,

Dejan

On Tue, Jul 25, 2000 at 03:56:37PM -0400, Tom Fitzgerald wrote:
> > Yeah, this is a known issue with RedHat 6.2, since the boneheads at RedHat
> > felt it necessary to remove autoloading of the appletalk module as of 6.2
> > (after all, saving these few bytes of extra configuration from a text file
> > makes all the difference).
>
> The Redhat people did exactly the right thing. The two boneheaded moves
> were:
>
> 1) Enabling it by default in all versions prior to 6.2, and
> 2) Not publicizing it adequately in the release notes when they removed it.
>
> Redhat has had a chronic problem of enabling every silly service and
> driver that can possibly be enabled. This has caused waves of security
> problems in every release, since a hole in the most insignificant package
> affects everyone who hasn't explicitly turned it off (which nobody does).
>
> It's actually very good that they're not enabling so many services by
> default. This can only help the security of internet-accessible Linux
> systems, which is right now terrible.
>
> Most users don't use or need the Appletalk protocol, so it shouldn't be
> there. The same is true of dozens of other packages that one can only
> hope are also being disabled (which you won't notice since you don't use
> them). Redhat enabled them so users wouldn't need to read docs to figure
> out how to turn them on, so Redhat could claim that Linux is as admin-
> friendly as Windows. Instead, it's like Windows because it's full of
> security problems. The whole idea was flawed.
>
> That being said, the removal should have been prominent in the release
> notes.
>
>

• Next message: andrew morgan: "Re: Authentication Issue: Wits end"
• Previous message: Greg Lincoln: "Re: Authentication Issue: Wits end"
• In reply to: Tom Fitzgerald: "Re: Can't get interfaces????"
• Next in thread: Harry Zink/Netatalk List: "Re: Can't get interfaces????"
• Reply: Dejan Muhamedagic: "Re: Can't get interfaces????"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:31:37 EST