| 1 |
On 2/26/07, Duncan <1i5t5.duncan@×××.net> wrote: |
| 2 |
> |
| 3 |
> Chris Gianelloni <wolf31o2@g.o> posted |
| 4 |
> 1172456062.8807.11.camel@××××××××××××××××.org, excerpted below, on Sun, |
| 5 |
> 25 Feb 2007 21:14:22 -0500: |
| 6 |
> |
| 7 |
> Doncan inquired... |
| 8 |
> |
| 9 |
> >> Why is openssh (as virtual/ssh) part of the desktop profiles? |
| 10 |
> > |
| 11 |
> > Uhh... Because I like it and people expect it to be there. You're more |
| 12 |
> > than capable of removing it from your system. |
| 13 |
> > |
| 14 |
> >> Anyway, I think at least a discussion might be worthwhile, and I |
| 15 |
> >> decided to bring it up here to see what desktop folks thought, before |
| 16 |
> >> bothering the entire dev list with the idea. If it gets shot down |
| 17 |
> >> here, then no need to bring it up there. I keep thinking that |
| 18 |
> >> /someone/ must have asked the question before, but I haven't seen it in |
| 19 |
> >> three years now, so it can't be /too/ much of a FAQ. |
| 20 |
> > |
| 21 |
> > Feel free to bring it up, but the desktop profile is maintained by |
| 22 |
> > Release Engineering since it is used to build release media. I have no |
| 23 |
> > intentions on removing it, since I see it as invaluable, but if a |
| 24 |
> > convincing enough argument were made, I could see *some* concessions on |
| 25 |
> > it. My personal belief is that the profiles shouldn't be removing |
| 26 |
> > requirements on things unless they're incompatible. |
| 27 |
> |
| 28 |
> Well, my only argument is the accepted wisdom that any app left installed |
| 29 |
> but unused on a system, particularly if it's a net app, is a security |
| 30 |
> vulnerability only waiting a most inconvenient time to show itself. |
| 31 |
> |
| 32 |
> As I said, for some reason package.provided simply isn't working for ssh |
| 33 |
> ATM, for whatever reason. However, it's brought in by virtual/ssh, and |
| 34 |
> by creating an /etc/portage/profiles/virtuals and pointing virutal/ssh at |
| 35 |
> something convenient, in this case baselayout, I cured the problem a |
| 36 |
> different way. =8^) |
| 37 |
> |
| 38 |
> Having safely hidden the system-dep-that-isn't-a-dep once again, it's not |
| 39 |
> a big enough deal to find the motivation to be all that convincing if the |
| 40 |
> above argument doesn't do it, so well enough left alone... until the next |
| 41 |
> time it wants to merge for whatever reason. =8^) |
| 42 |
|
| 43 |
|
| 44 |
I don't believe that the service is turned on by default, even if it is |
| 45 |
installed by default. You must do rc-update add sshd default before it |
| 46 |
become as security vulnerability. And if you've ever used fish:// you'd know |
| 47 |
just how useful ssh can be in a desktop profile. |
| 48 |
|
| 49 |
-- |
| 50 |
> Duncan - List replies preferred. No HTML msgs. |
| 51 |
> "Every nonfree program has a lord, a master -- |
| 52 |
> and if you use the program, he is your master." Richard Stallman |
| 53 |
> |
| 54 |
> -- |
| 55 |
> gentoo-desktop@g.o mailing list |
| 56 |
> |
| 57 |
> |
| 58 |
|
| 59 |
|
| 60 |
-- |
| 61 |
In vino veritas. |
| 62 |
[In wine there is truth.] |
| 63 |
-- Pliny |
Archives