| 1 |
On Fri, 2005-06-17 at 01:21 -0700, Duncan wrote: |
| 2 |
> The client/server thing is a concern for me here, as well, for security |
| 3 |
> reasons. If I don't have an SSH server merged, it can't inadvertently |
| 4 |
> be turned on somehow. SSH is apparently a dependency for something I have |
| 5 |
> merged, and currently, it includes the SSH server. That worries me, as |
| 6 |
> it's a server component on a normally client system, and is thus a |
| 7 |
> potential security vuln. IMO, having it there when it's not used and the |
| 8 |
> human behind the machine has no intention of running it, is just /asking/ |
| 9 |
> for security issues. It shouldn't be there in the first place. |
| 10 |
> Unfortunately, there's no USE flag to turn it off. |
| 11 |
|
| 12 |
There is zero security risk unless you, as root, start the server. |
| 13 |
|
| 14 |
> Similarly with a couple of the DHCP packages I was looking at a few weeks |
| 15 |
> ago. I normally run static IPs on a LAN behind a NAPT based router, |
| 16 |
> giving me a /bit/ more leeway in terms of security on my Linux box, but |
| 17 |
> decided to install some form of DHCP just in case. Several of those |
| 18 |
> packages have both clients and servers, with apparently no way to only |
| 19 |
> install the client, short of hacking the ebuild. IMO, that's not the way |
| 20 |
> it should be. Gentoo isn't supposed to work that way, and PARTICULARLY in |
| 21 |
> this sort of instance, where getting mixed up in your configuration may |
| 22 |
> mean you start the server instead of the client, is a security risk that |
| 23 |
> simply shouldn't have to be there in the first place. |
| 24 |
|
| 25 |
I think you have the wrong assumption here on how Gentoo is "supposed to |
| 26 |
work". Gentoo ships packages as close to how upstream packages them as |
| 27 |
possible. If you have a problem with the daemon being shipped with the |
| 28 |
client, then complain upstream. We have always provided the package as |
| 29 |
determined by upstream. Splitting packages is a waste of developer time |
| 30 |
and also makes things much more complex dependency-wise. |
| 31 |
|
| 32 |
If you do not want the binary for the server installed, then edit the |
| 33 |
ebuild yourself, remove the binary, or use INSTALL_MASK. It isn't like |
| 34 |
we have not provided methods for you to do this yourself. You cannot |
| 35 |
expect us to provide for every possible scenario and still get anything |
| 36 |
accomplished. |
| 37 |
|
| 38 |
-- |
| 39 |
Chris Gianelloni |
| 40 |
Release Engineering - Strategic Lead/QA Manager |
| 41 |
Games - Developer |
| 42 |
Gentoo Linux |
Archives