[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libselinux1 - required

On Wed, 8 Jun 2005 23:08:08 +1200, Nigel Jones <nigelj@gmail.com> said: 

> On 08/06/05, Petter Reinholdtsen <pere@hungry.com> wrote:
>> [Nigel Jones]
>> > if "coreutils" is made absolutely dependant on libselinux1, then
>> > the user gets no choice...
>> 
>> One think is depending on the library, another is actually using
>> selinux.  Your objection to use selinux might have some merit, but
>> your objection to have a package depend on libselinux1 does not.
>> In
> I guess it's distrust of thee who make it (please don't start a
> flame war, it's personal opinion, you must accept that, i know it
> gets looked at by many eyes, but i still don't like the idea.  No
> matter how hard you look, it's easy enough to slip a backdoor or
> something in, and in the kernel, well thats not good).  - I don't
> have distrust for common programs that may have had a Government
> developer or two work on it, but when the majority is made by a Govt
> department, thats when I loose the trust.

        You may have already lost, then, since NSA code is now in the
 kernel itself, and LSM is compiled in as well.

> Hmmm, I can see your point, BUT, if a user is not going to use
> selinux at all, then what is the use of downloading extra
> dependencies that you don't need.  I thought that a feature of APT
> was that it makes you only download the libraries that you need/use.

        Since the idea is to make even dpkg link with libselinux, this
 may be moot.

> Anyway, just my two cents.  Personally, I'm going to continue to
> build my own kernels, just be an annoyance to have to build my own
> coreutils etc to make sure code that I don't need isn't there.

        dpkg, coreutils, ssh, cron, logrotate, pam, sysvinit. 

> (Because really, it is a bit hard on the Dial Up users (not really
> complaining, just saying that downloading stuff that your never
> going to use is a bit of a pain)).

        The binaries you use are linked with that library, so it is
 not as if you can get by without libselinux1. It is not large, but to
 get areound that 196k you'll have to compile a boat load of
 packages -- and download far more in terms of source code.

        I am not sure you are really making any sense here.

        manoj
-- 
Working with Julie Andrews is like getting hit over the head with a
valentine. Christopher Plummer
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C
Reply to: