Re: Squid acl access - neighbours & parents..

From: Edward Henigin <ed@dont-contact.us>
Date: Thu, 5 Sep 1996 15:36:06 -0500 (CDT)

        Would you suggest that in.telnetd not ask for a password,
and instead you packet filter at your gateways to allow only
certain hosts?

        The router should not have to be reconfigured every time
you add another piece of software, or every time you move the
software to a different machine, or configure a different port
for the software to listen to, etc etc. If a software service desires
security, it needs to implement its own security, rather than
coming with an instruction book: "Ok, if you have this kind of
system, you implement security like this... and if you don't, well
go figure it out for yourself!"

        Yes you get slightly larger apps. The savings that you have in
maintenance, though, far outweighs the extra disk space, memory, and
cpu time it would consume. Experience tells me this (I do NOT work in
an ivory tower), and these are features I look for in software that I
use.

        Ed

--
On Thu, 5 Sep 1996, Andrew Stesin wrote:
> 	Why?
> 
> 	I mean -- is application level so free of load and
> 	complexity that one should add yet more weight to it?
> 
> 	(This way you get monster-style apps instead of a set of highly
> 	specialized, but also highly efficient tools).
> 
Received on Thu Sep 05 1996 - 13:39:29 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:56 MST