Re: Custom Reload command/signal in upstart

To: debian-devel@lists.debian.org
Subject: Re: Custom Reload command/signal in upstart
From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Date: Fri, 23 Aug 2013 16:42:15 -0400
Message-id: <[🔎] 5217C927.2010809@physik.fu-berlin.de>
In-reply-to: <[🔎] 907735.98771.bm@smtp112.mail.ir2.yahoo.com>
References: <CALjhHG-nOd7qHv-tQrJkEKsvO1m+M8He50YdhsVt84_UhbOS=g@mail.gmail.com> <20130531224415.GA8976@virgil.dodds.net> <m3ip1y164d.fsf@neo.luffy.cx> <51A9D283.2020400@physik.fu-berlin.de> <[🔎] 907735.98771.bm@smtp112.mail.ir2.yahoo.com>

On 08/23/2013 04:02 PM, Kevin Chadwick wrote:
>> There is no point to start a daemon unless you actually
>> need it.
> 
> This is complete 'modern' crap

No, it's not. It's the only reasonable thing to do. Nothing is safer
than a daemon which is *not* running. The fewer services are running,
the fewer potential undisclosed vulnerabilities can be exploited.

> If you don't want a service started then why are your starting it,
> because you might want it is a stupid argument with next to no
> positives. SSH takes a blink of an eye to start.

I'm not sure whether I understand what you're trying to say. But, yes,
since SSH takes a blink to start, there's no point having it running
all the time while it isn't actually currently in use.

> It is far better not to mention more secure to start a service during
> the pristeen boot phase than wait for it to do it's shizzle including
> dropping priviledges etc. upon the receipt of packets.

That's non-sense. The time a process is started doesn't have any
influence on the security of the service. If it does, this should
be considered a bug since the service daemon would show an unpredictable
and unreliable behavior. However, as I said before, it's in general
more secure to have a service not running when it's not required.

Imagine there is a vulnerability in SSH which has not been fixed
yet for whatever reason. Having SSH run in this situation all the
time would make the machine a target for possible attacks. However,
SSH being started on demand only would dramatically reduce the
probability that the vulnerability would actually be successfully
exploited.

> You have to wait for the bios and hardware so a split second won't
> matter on boot. If ever more likely to matter (a second) then it
> will be when you need it in fact.

I'm pretty sure no one is talking about boot times in this context,
that's not the point at all of starting services on demand. It's
a matter of economic use of available resources. Having a service
idling in the background all the time would be like having your
car engine running while you're sitting on your sofa and watching
TV.

If you don't need something, turn it off.

> I would also much rather have my daemons ready and waiting than have
> them come running when I or an attacker calls.

Honestly, that doesn't even make any sense. Again, a service which
is not running is reducing the probability of an attack, not vice
versa.

Cheers,

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@debian.org
`. `'   Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Reply to:

Follow-Ups:
- Re: Custom Reload command/signal in upstart
  - From: James McCoy <jamessan@debian.org>
- Re: Custom Reload command/signal in upstart
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

References:
- Re: Custom Reload command/signal in upstart
  - From: Kevin Chadwick <ma1l1ists@yahoo.co.uk>

Prev by Date: Re: Custom Reload command/signal in upstart
Next by Date: Re: Custom Reload command/signal in upstart
Previous by thread: Re: Custom Reload command/signal in upstart
Next by thread: Re: Custom Reload command/signal in upstart
Index(es):
- Date
- Thread