Chí-Thanh Christopher Nguyễn posted on Sun, 18 Nov 2012 12:14:48 +0100 as
excerpted:

> Matt Turner wrote:
>>> Then udev switched to kmod as a build-time dep. I could no longer
>>> package.provide kmod as I had module-init-tools, because it was
>>> required to /build/ udev. For no valid reason on my system. Like any
>>> unnecessary feature that can be used to load an exploit, it's worse
>>> than useless.
>
>> # du -sh /var/tmp/portage/sys-apps/kmod-11-r1/image/
>> 240K /var/tmp/portage/sys-apps/kmod-11-r1/image/
>
> I think the complaint was not about the installed size. Some people have
> "install as little unnecessary code as possible" as part of their
> security concepts.

That's true, but as a long-term gentooer, I've found over the years it's
more than that. Every single installed package is another package that
must be repeatedly rebuilt, as upgrades come in and/or as the system core
toolchain changes over time and one wants to be sure the whole system is
consistent and still buildable (emerge --emptytree @world). Every
installed package I don't use is thus an installed package I'll spend a
lot of otherwise unnecessary time on, over the years, simply keeping it
and the system in general up to date.

As one realizes the cost over time, one gets a rather higher motivation
to keep the system as lean and mean as possible. I look at it this way:
it's just that much more incentive to practice what has always been known
as good security practice in any case, keeping everything off the system
that doesn't have a solid, known reason for being there.

kmod itself is trivial in size, time and space requirements, but it's the
principle as much as anything, and in the case of an unneeded module
loader there's an additional security concern as well, since an
opportunity to load kernel modules is just that much more opportunity to
install a kernel module that hides otherwise visible tell-tale (logs,
strange open ports on netstat, strange startup services, etc.) signs of
being rooted. Sure, if someone has module-loading access already, it's
not a big increased risk, but given that it's unnecessary, any non-
negative non-zero increase in risk or maintenance cost over time is
unacceptable, and on a monolithic kernel gentoo system, a kernel module
loader increases both, trivially sure, but when there's no justifiable
reason for it in the first place...

-- 
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
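The post's argument rests on whether the running kernel can load modules at all. As an added example (not part of Duncan's message or of any Gentoo tooling), the POSIX shell snippet below classifies a host from /proc alone: no /proc/modules means a kernel built without CONFIG_MODULES (the "monolithic" case above), while the kernel.modules_disabled sysctl, if set to 1, is a one-way switch that forbids further loading on a modular kernel. The PROC_ROOT argument is an assumption added only so the functions can be exercised against a constructed fake tree; the demo below builds one and then checks the real /proc.

```shell
#!/bin/sh
# Added example: report whether this kernel can load modules.
# Only /proc is consulted; the directory argument exists for testing
# against a constructed tree and defaults to the real /proc.

# module_loading_state [PROC_ROOT]
#   prints one of:
#     monolithic - no /proc/modules: kernel built without CONFIG_MODULES
#     disabled   - modules supported, but kernel.modules_disabled=1
#     enabled    - modules supported and loading currently permitted
module_loading_state() {
    proc_root="${1:-/proc}"
    if [ ! -e "$proc_root/modules" ]; then
        echo monolithic
        return 0
    fi
    flag="$proc_root/sys/kernel/modules_disabled"
    if [ -r "$flag" ] && [ "$(cat "$flag")" = "1" ]; then
        echo disabled
        return 0
    fi
    echo enabled
}

# count_loaded_modules [PROC_ROOT]
#   number of modules currently listed in /proc/modules (one per line),
#   or 0 on a monolithic kernel
count_loaded_modules() {
    proc_root="${1:-/proc}"
    if [ -r "$proc_root/modules" ]; then
        wc -l < "$proc_root/modules" | tr -d ' '
    else
        echo 0
    fi
}

# demo: run against a constructed fake /proc tree (so the example runs
# anywhere), then against the real one.
demo() {
    fake="$(mktemp -d)"
    mkdir -p "$fake/sys/kernel"
    # constructed sample /proc/modules line, not captured from a real host
    printf 'nf_conntrack 172032 1 nf_nat, Live 0x0000000000000000\n' > "$fake/modules"
    echo 1 > "$fake/sys/kernel/modules_disabled"
    echo "constructed tree: $(module_loading_state "$fake")" \
         "($(count_loaded_modules "$fake") module(s) listed)"
    rm -rf "$fake"
    echo "this host: $(module_loading_state /proc)" \
         "($(count_loaded_modules /proc) module(s) listed)"
}

demo
```

On a modular kernel where "enabled" is reported, setting kernel.modules_disabled=1 late in boot (after everything needed has loaded) gets most of the way to the monolithic case the post describes, since the sysctl cannot be cleared again without a reboot.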