Re: Linux 3.2 in wheezy

To: Debian Developers <debian-devel@lists.debian.org>
Subject: Re: Linux 3.2 in wheezy
From: Thomas Goirand <zigo@debian.org>
Date: Tue, 07 Feb 2012 21:05:43 +0800
Message-id: <[🔎] 4F3121A7.2010304@debian.org>
In-reply-to: <[🔎] 20120203125326.GA6622@angband.pl>
References: <20120129182205.GR12704@decadent.org.uk> <1327867067.13223.3.camel@hidalgo> <1327872371.5400.375.camel@deadeye> <20120130004459.GA22039@angband.pl> <20120130013115.GB19215@bongo.bofh.it> <[🔎] 20120203113103.GA16544@wavehammer.waldi.eu.org> <[🔎] 20120203125326.GA6622@angband.pl>

On 02/03/2012 08:53 PM, Adam Borowski wrote:
>> ssh works.
>>     
> It triples the memory footprint of an empty Debian container (init + syslogd +
> cron[1]), and adds a new daemon that can be potentially subverted.
>
> Of course, usually sshd is strongly preferred (so much better than needing
> near-full privileges on the host!) but for many uses you don't need to log
> in to the guest for non-administrative tasks.
>
> [1]. Yeah, cron is something you could shave away too if you really wanted;
> not worth the hassle though.
>   
Are you trying to make the point that, with containers,
you wouldn't need ssh, and you would with VMs? If so,
that's at least not turth with Xen (xm console <domain>,
which can easily be granted using the dom0 ssh server
and few sudo tricks).

If I'm interpreting wrongly what you wrote above, then
please explain, I'd be happy to understand! :)

Thomas

Reply to:

Follow-Ups:
- Re: Linux 3.2 in wheezy
  - From: md@Linux.IT (Marco d'Itri)

References:
- Re: Linux 3.2 in wheezy
  - From: Bastian Blank <waldi@debian.org>
- Re: Linux 3.2 in wheezy
  - From: Adam Borowski <kilobyte@angband.pl>

Prev by Date: Re: Linux 3.2 in wheezy
Next by Date: Re: Doesn't contain source for waf binary code
Previous by thread: Re: Linux 3.2 in wheezy
Next by thread: Re: Linux 3.2 in wheezy
Index(es):
- Date
- Thread