RE: [Full-Disclosure] Knocking Microsoft
From: Steve Wray (steve.wray_at_paradise.net.nz)
To: email@example.com Date: Sat, 28 Feb 2004 14:18:34 +1300
> > which many would not hesitate to laugh at. However windows
> > server 2003 does not by default load unnecessary services.
> So MS is doing what UNIX did from the start 20 years ago.
Sadly, this is in decline in the Linux world;
Most of the nice, friendly, easy to use package management
systems (rpm and apt for two) usually run the daemon
in its default configuration, immediately its installed.
And if they don't actually run them at install time, they
set them up to start at the next reboot (having set up the
default symlinks in /etc/rc[1-5].d), yes, in its default configuration.
IMO this *sucks* and is every bit as bad as any M$ offering.
Oh sure many would say 'but its default configuration is safe!'
Some of them (debian comes to mind) even set up services
like mysql to run in *single*user*mode*; debian even brings
up networking in single user! I recently had the joy of
discovering that when you install the debian watchdog package,
it sets it up to run in single user, so if its misconfigured,
you have to boot with init=/bin/sh to fix the mess (otherwise
you bring it up in single user and it just reboots itself over
This isn't just a bug, its a design flaw!
Full-Disclosure - We believe in it.