Re: impressions of a new user

On Fri, Aug 15, 2003 at 03:31:02PM -0500, Charles J. Fisher wrote:

> All three files in (/etc/csh.cshrc /etc/csh.login

Bzzzt! Only a small minority of my systems have X on them.

Besides, the PATH is already set by default to something more sane.

> if [ Xroot = X"$USER" ]

The default PATH already contains these. There's no harm in having them in everybody's path, anyway.

> export PATH

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related openbsd.org Links advocacy announce bugs ipv6 misc ports ports-changes security-announce smp source-changes tech Request more information about Pantek

WOAH! This is about the most dangerous thing you can do. Raise your hands, everybody who's type a password too soon or too late, and had the system thought it was a command. Leave 'em up if you want that password now getting written to disk somewhere so you have to start trying to wipe it (or, worse, simply forget or don't realize what you've done). No hands remaining? What a surprise.

> TMOUT=600
This has its place, but not in a default. *I* don't want the system kicking me out while I'm in the middle of editing some critical file and the phone rings, destroying all that work.

> umask 022

Already the default.

> The above items enhance security.

No, they do not. At best, they duplicate the default behaviour. At worst, they're some of the most *IN*secure things you can do.

> I can imagine no objection to their inclusion.

Then you have no imagination.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related openbsd.org Links advocacy announce bugs ipv6 misc ports ports-changes security-announce smp source-changes tech Request more information about Pantek

Look, you have your ideas about how to configure the system; I have mine; and Theo has his. Theo gets to ship OpenBSD configured the way he likes because it's his baby. You can change Theo's configuration on your own system to suit your own needs, just as I do to suit mine.

And that's the whole point.

Cheers,

b&

--
Ben Goren
 mailto:ben@trumpetpower.com
 
http://www.trumpetpower.com/
 icbm:33o25'37"N_111o57'32"W

[demime 0.98d removed an attachment of type application/pgp-signature]