The last editor's note is an EXTREMELY valid one... if you use Debian in any way, please, please test the new installer. Now really is the time, folks. The most common complaint about debian is the installer. Don't sit back and assume everything will work itself out, and then complain about the new installer when sarge hits stable down the road.
Developers NEVER have enough people testing and reporting quality feedback. So again, if you use Debian at all, please help out.
Re:Why should we care?
on
Root Zone Changed
·
· Score: 5, Informative
The root zones are where are all top-level DNS queries start. Think of the internet domain system as one giant honkin' tree. The root servers at the top manage domain information for the top level zones, and they pass off queries down the tree until the query hits an authoritative DNS server for the domain in question.
This affects administrators of DNS servers, because in the DNS config is a list of the IP addresses where these root servers can be found.
Why should you care? You probably don't. It doesn't affect you directly. That is, unless all the root servers mysteriously die one day. That would make surfing for your pr0n a thing of near impossibility.:)
The BSD community should take a hint and start gearing toward usability rather than "superior" security.
If usability is what you're looking for, try FreeBSD instead. One of OpenBSD's goals is to be Secure by Default. Whereas other BSD variants and most Linux distros take an approach of 'turn everything on and let the admin turn off what he doesn't need', OpenBSD takes the opposite approach. In my experience as an admin, theres no difference in effort between locking down, say, a Redhat install, or enabling what I need after install on OpenBSD. The difference is, the more clueless among us will be more protected by the default install of OpenBSD than by Redhat.
The reasons for ripping IPF out of OpenBSD are documented elsewhere, but what it basically boils down to is a licensing issue. Darren Reed, author of IPF, changed its license to something incompatible with the stated goals of OpenBSD, so it was removed. Daniel (incredibly) came up with a replacement in record time.
The 3.2 release boasts a lot of things, besides improvements to PF. These includes things like a nonexec stack, a chrooted apache, a reduction in the number of setuid binaries, and more 'secure' filesystem mount options by default. Theres no sarcasm implied, I'm sure. OpenBSD truly IS among the most secure operating systems in the world.
Slashdot Mirror
Developers NEVER have enough people testing and reporting quality feedback. So again, if you use Debian at all, please help out.
This affects administrators of DNS servers, because in the DNS config is a list of the IP addresses where these root servers can be found.
Why should you care? You probably don't. It doesn't affect you directly. That is, unless all the root servers mysteriously die one day. That would make surfing for your pr0n a thing of near impossibility. :)
That's great! I'm sure they'll be happy to accept your code to further the SMP cause. That is, unless you code like you spell.
If usability is what you're looking for, try FreeBSD instead. One of OpenBSD's goals is to be Secure by Default. Whereas other BSD variants and most Linux distros take an approach of 'turn everything on and let the admin turn off what he doesn't need', OpenBSD takes the opposite approach. In my experience as an admin, theres no difference in effort between locking down, say, a Redhat install, or enabling what I need after install on OpenBSD. The difference is, the more clueless among us will be more protected by the default install of OpenBSD than by Redhat.
The reasons for ripping IPF out of OpenBSD are documented elsewhere, but what it basically boils down to is a licensing issue. Darren Reed, author of IPF, changed its license to something incompatible with the stated goals of OpenBSD, so it was removed. Daniel (incredibly) came up with a replacement in record time. The 3.2 release boasts a lot of things, besides improvements to PF. These includes things like a nonexec stack, a chrooted apache, a reduction in the number of setuid binaries, and more 'secure' filesystem mount options by default. Theres no sarcasm implied, I'm sure. OpenBSD truly IS among the most secure operating systems in the world.
Sure you can. Just be prepared to clean up the stain afterwards. :)