| 1 |
Chris Gianelloni posted <1119016612.13606.13.camel@×××××××××××××××××.net>, |
| 2 |
excerpted below, on Fri, 17 Jun 2005 09:56:52 -0400: |
| 3 |
|
| 4 |
> On Fri, 2005-06-17 at 01:21 -0700, Duncan wrote: |
| 5 |
>> The client/server thing is a concern for me here, as well, for security |
| 6 |
>> reasons. If I don't have an SSH server merged, it can't inadvertently |
| 7 |
>> be turned on somehow. [] Unfortunately, there's no USE flag to turn it |
| 8 |
>> off. |
| 9 |
> |
| 10 |
> There is zero security risk unless you, as root, start the server. |
| 11 |
|
| 12 |
I get the point, but if it's not there to be started, it cannot be |
| 13 |
started, thru some fat-fingering on the part of a confused admin trying to |
| 14 |
launch the client, or any other way. If it's needed, that's one thing, but |
| 15 |
if it's not needed, it shouldn't be there. USE flags (not split |
| 16 |
packages, I'll absolutely agree there) are the Gentoo way to control that. |
| 17 |
|
| 18 |
>> Similarly with a couple of the DHCP packages I was looking at a few |
| 19 |
>> weeks ago. [] Several of those packages have both clients and servers, |
| 20 |
>> with apparently no way to only install the client, short of hacking the |
| 21 |
>> ebuild. IMO, that's not the way it should be. Gentoo isn't supposed |
| 22 |
>> to work that way, and PARTICULARLY in this sort of instance, where |
| 23 |
>> getting mixed up in your configuration may mean you start the server |
| 24 |
>> instead of the client, is a security risk that simply shouldn't have to |
| 25 |
>> be there in the first place. |
| 26 |
> |
| 27 |
> I think you have the wrong assumption here on how Gentoo is "supposed to |
| 28 |
> work". Gentoo ships packages as close to how upstream packages them as |
| 29 |
> possible. If you have a problem with the daemon being shipped with the |
| 30 |
> client, then complain upstream. We have always provided the package as |
| 31 |
> determined by upstream. Splitting packages is a waste of developer time |
| 32 |
> and also makes things much more complex dependency-wise. |
| 33 |
|
| 34 |
Gentoo Philosophy page: "The Gentoo philosophy is to allow this user to |
| 35 |
do what he or she wants to do, without getting in the way." |
| 36 |
|
| 37 |
Of course, there's a practical limit to that. However, a simple |
| 38 |
"clientonly" USE flag on client/server combo packages such as ssh and |
| 39 |
dhcp would appear to be entirely within the Gentoo spirit, and generally |
| 40 |
would require no more work than is already done in support of all sorts of |
| 41 |
other USE flags. Simply don't compile or install the server, if a separate |
| 42 |
binary from the client, and don't include /etc/init.d server starter |
| 43 |
scripts (like sshd) and the like, if the clientonly USE flag is set. |
| 44 |
|
| 45 |
-- |
| 46 |
Duncan - List replies preferred. No HTML msgs. |
| 47 |
"Every nonfree program has a lord, a master -- |
| 48 |
and if you use the program, he is your master." Richard Stallman in |
| 49 |
http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html |
| 50 |
|
| 51 |
|
| 52 |
-- |
| 53 |
gentoo-dev@g.o mailing list |
Archives