Gentoo Archives: gentoo-security

From: Scott Taylor <scott@××××××××××××××××.net>
To: gentoo-security@g.o
Subject: Re: [gentoo-security] Changes to traceroute in newest release
Date: Tue, 16 Dec 2003 14:53:56
In Reply to: Re: [gentoo-security] Changes to traceroute in newest release by David Olsen
1 On Tue, 2003-12-16 at 13:47, David Olsen wrote:
2 > The point was traceroute is _not_ installed by default. An admin desiring to
3 > install this software, in my case, on several hundred servers, I don't want
4 > to have to chmod traceroute on all those boxes, everytime there's an update
5 > to traceoute because of what could be deemed a poor choice for security.
6 >
7 > I don't see where the discussion has gotten moot or off-track. If enough of
8 > the community wants it back the way it was, I assume Gentoo developers will
9 > respond as such.
11 If you want something exploitable or otherwise insecure to be installed
12 on several hundred servers, then make your changes to a portage overlay
13 tree that is either shared out to all your systems, or make the changes
14 on an rsync server that you maintain yourself. Those of us that prefer
15 for everything to be installed reasonably secure out-of-the-box and
16 insecure configurations to require manual effort - are quite happy to
17 see things being taken care of just as they are now.
19 --
20 Scott Taylor - <scott@××××××××××××××××.net>
22 "I am not convinced that they can write solid stable software. Proprietary software is already hobbled by it's secretive cathedral nature, but Microsoft seems to have a corner on incompetent programming as well."
24 -- Chris DiBona from the introduction. (Open Sources, 1999 O'Reilly and Associates)


File name MIME type
signature.asc application/pgp-signature