1 |
On Fri, 2005-06-17 at 01:21 -0700, Duncan wrote: |
2 |
> The client/server thing is a concern for me here, as well, for security |
3 |
> reasons. If I don't have an SSH server merged, it can't inadvertently |
4 |
> be turned on somehow. SSH is apparently a dependency for something I have |
5 |
> merged, and currently, it includes the SSH server. That worries me, as |
6 |
> it's a server component on a normally client system, and is thus a |
7 |
> potential security vuln. IMO, having it there when it's not used and the |
8 |
> human behind the machine has no intention of running it, is just /asking/ |
9 |
> for security issues. It shouldn't be there in the first place. |
10 |
> Unfortunately, there's no USE flag to turn it off. |
11 |
|
12 |
There is zero security risk unless you, as root, start the server. |
13 |
|
14 |
> Similarly with a couple of the DHCP packages I was looking at a few weeks |
15 |
> ago. I normally run static IPs on a LAN behind a NAPT based router, |
16 |
> giving me a /bit/ more leeway in terms of security on my Linux box, but |
17 |
> decided to install some form of DHCP just in case. Several of those |
18 |
> packages have both clients and servers, with apparently no way to only |
19 |
> install the client, short of hacking the ebuild. IMO, that's not the way |
20 |
> it should be. Gentoo isn't supposed to work that way, and PARTICULARLY in |
21 |
> this sort of instance, where getting mixed up in your configuration may |
22 |
> mean you start the server instead of the client, is a security risk that |
23 |
> simply shouldn't have to be there in the first place. |
24 |
|
25 |
I think you have the wrong assumption here on how Gentoo is "supposed to |
26 |
work". Gentoo ships packages as close to how upstream packages them as |
27 |
possible. If you have a problem with the daemon being shipped with the |
28 |
client, then complain upstream. We have always provided the package as |
29 |
determined by upstream. Splitting packages is a waste of developer time |
30 |
and also makes things much more complex dependency-wise. |
31 |
|
32 |
If you do not want the binary for the server installed, then edit the |
33 |
ebuild yourself, remove the binary, or use INSTALL_MASK. It isn't like |
34 |
we have not provided methods for you to do this yourself. You cannot |
35 |
expect us to provide for every possible scenario and still get anything |
36 |
accomplished. |
37 |
|
38 |
-- |
39 |
Chris Gianelloni |
40 |
Release Engineering - Strategic Lead/QA Manager |
41 |
Games - Developer |
42 |
Gentoo Linux |