Re: Disable ZeroConf: how to ?
On Fri, Mar 4, 2011 at 3:59 PM, Klaus Ethgen <Klaus@ethgen.de> wrote:
> In ancient times debian was packaged the way that the administrator only
> installed the daemons that he needed. Today many daemons gets installed
> by dependencies and gets started without any need. Just the fact is
> security relevant as any running daemon higher the change that there is
> a security hole. Every daemon! And examples are found at many places
> today. I. e. mysqld from kde packages, apache for a linkchecker, avahi
> and consortions for gnome, ... Not to mention all the daemons that do
> not listen on network as gconf, kded4, ...
Daemons that don't listen on a public interface are less of an issue.
But in general I agree, daemons shouldn't run without need, especially
not on public interfaces.
> I think, in the last few years, the quality of (some) debian packages
> has sunken. But this is just my personal view, and I am sorry to say it.
> If you want to change debian to be ubuntu it would be the time to look
> for another distribution that can be used on servers. (unfortunately I
> do not know an alternative.)
Actually "Ubuntu ships with no open ports on public interfaces" (by default).
It's also silly to launch another distro just because some settings
have to be changed.