[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: woody release task needs help: package priorities

* "Vince Mulhollon" 

| On 05/15/2001 08:00:09 AM exa wrote:
| >> What about closing all the ports by default? The user can open them by
| >> himself if he wants to anyway. Security fans would really be happy then.
| Still have the vulnerable, exploitable binaries.  All you have to do it get
| root and open the "talkd" ports once, or buffer overflow "talk".  Make
| criminals really work for it, don't make anything easier for them.

You are assuming that talkd have buffer overflows, but you have no
proof of it.  And talk is rwxr-xr-x, so what would you win by an
overflow on a local host?  And I doubt that there are many bugs in a
daemon which is less than 10k big.

| >> I sometimes have the feeling that too much security is breaking many
| >> convenient features. It would be wrong to put in a program with known
| >> vulnerabilities, but except that I don't see why you would want to
| >> remove useful small programs.
| The problem is that all programs more complicated than "hello world" have
| vulnerabilities that will eventually be found.  Consider the recent man-db
| events.

Bugs != vulnerabilities.  You are assuming that all programs are
exploitable, even if one can prove that they aren't.  (Barring bugs in
the kernel or other places.)

| On my deployed end user systems, although man would be "nice", it's just
| not needed to do the job.  Most end users would never RTFM anyway, and I
| never have to RTFM on the production boxes (that's what development boxes
| are for), therefore man-db would never be run on my production boxes.  So I
| get rid of it.  Therefore I don't care about the recent man-db security
| problems on my deployed systems, because none of them have man-db
| installed.

Still, I don't think you are arguing that man-db should be made
priority optional or extra because of this?  A stripped-down system
with the bare necessities doesn't have all the packages from standard
installed.  Standard is more than the bare necessities.

| Never install something unless you are willing to take the time to support
| and debug it, AND then justify the time to your boss.

If my boss were to decide whether I used two minutes for upgrading
some daemon or not, I'd change jobs, as I like to control my own

| Just because it's very easy to install MTAs and webservers and
| compilers doesn't mean it's a good idea to do so on every box, just
| because you can.

So you think gcc and exim should be priority extra/optional as well?

| If you have no use for talk or talkd, you should not install them.  Most
| people have no use for them, therefore most people should not install them.

If we are to remove each and every package from standard which
somebody might not need, I don't see the point of having standard at
all.  Standard should be a slim but reasonable complete UNIX system.
Out of 1240 computers which submitted popcon results, talk got 167
votes.  I think that shows that quite some people use it.  And it's
small, and if it will listen on loopback by default, I see no problem
with it.

| Therefore talk and talkd should be removed from standard.  The few people
| that do have a use, also have the skill to type "apt-get install talk
| talkd".

Not everybody has root on the systems they are using.


Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.

Reply to: