Re: woody release task needs help: package priorities
* "Vince Mulhollon"
| On 05/15/2001 08:00:09 AM exa wrote:
|
| >> What about closing all the ports by default? The user can open them by
| >> himself if he wants to anyway. Security fans would really be happy then.
|
| Still have the vulnerable, exploitable binaries. All you have to do it get
| root and open the "talkd" ports once, or buffer overflow "talk". Make
| criminals really work for it, don't make anything easier for them.
You are assuming that talkd have buffer overflows, but you have no
proof of it. And talk is rwxr-xr-x, so what would you win by an
overflow on a local host? And I doubt that there are many bugs in a
daemon which is less than 10k big.
| >> I sometimes have the feeling that too much security is breaking many
| >> convenient features. It would be wrong to put in a program with known
| >> vulnerabilities, but except that I don't see why you would want to
| >> remove useful small programs.
|
| The problem is that all programs more complicated than "hello world" have
| vulnerabilities that will eventually be found. Consider the recent man-db
| events.
Bugs != vulnerabilities. You are assuming that all programs are
exploitable, even if one can prove that they aren't. (Barring bugs in
the kernel or other places.)
| On my deployed end user systems, although man would be "nice", it's just
| not needed to do the job. Most end users would never RTFM anyway, and I
| never have to RTFM on the production boxes (that's what development boxes
| are for), therefore man-db would never be run on my production boxes. So I
| get rid of it. Therefore I don't care about the recent man-db security
| problems on my deployed systems, because none of them have man-db
| installed.
Still, I don't think you are arguing that man-db should be made
priority optional or extra because of this? A stripped-down system
with the bare necessities doesn't have all the packages from standard
installed. Standard is more than the bare necessities.
| Never install something unless you are willing to take the time to support
| and debug it, AND then justify the time to your boss.
If my boss were to decide whether I used two minutes for upgrading
some daemon or not, I'd change jobs, as I like to control my own
time.
| Just because it's very easy to install MTAs and webservers and
| compilers doesn't mean it's a good idea to do so on every box, just
| because you can.
So you think gcc and exim should be priority extra/optional as well?
| If you have no use for talk or talkd, you should not install them. Most
| people have no use for them, therefore most people should not install them.
If we are to remove each and every package from standard which
somebody might not need, I don't see the point of having standard at
all. Standard should be a slim but reasonable complete UNIX system.
Out of 1240 computers which submitted popcon results, talk got 167
votes. I think that shows that quite some people use it. And it's
small, and if it will listen on loopback by default, I see no problem
with it.
| Therefore talk and talkd should be removed from standard. The few people
| that do have a use, also have the skill to type "apt-get install talk
| talkd".
Not everybody has root on the systems they are using.
--
Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
Reply to: