| 1 |
I'm the last person who would want infos and help on emerge |
| 2 |
removed but that sounds like too much baby sitting. |
| 3 |
I like Gentoo for not enabling the server daemon by default |
| 4 |
after emerge. That's the "protection" i expect and like. |
| 5 |
But i dislike when my distribution tries to be smarter than |
| 6 |
the user. If you want to warn the user then a ewarn after |
| 7 |
emerge has to be enough becauee everything else annoys too |
| 8 |
much. |
| 9 |
|
| 10 |
And telnet isn't bad by default. I use the client for various |
| 11 |
tests and have it installed on all my machines because sometimes |
| 12 |
it's just simpler than netcat magic etc. |
| 13 |
|
| 14 |
On Sat, Dec 27, 2003 at 09:55:02PM -0500, Allen Parker wrote: |
| 15 |
> I must pipe up on this one. When a user asks for "telnet" they're usually |
| 16 |
> not aware of the security risks involved. (kinda makes me wonder why it's |
| 17 |
> installed by default on Debian :-\) Probably the best way to handle this is |
| 18 |
> to create a virtual/telnet and add a default package that when uninstalled |
| 19 |
> displays a basic readme saying telnet isn't secure and why, asks the user if |
| 20 |
> they still want to do it, and THEN after they've confirmed that they do in |
| 21 |
> fact want telnet, allow them to emerge whichever telnet they choose. |
| 22 |
> |
| 23 |
> So, to re-state because I'm not even sure what I said up there: |
| 24 |
> Create package block-telnet that does as it's name implies, blocks the |
| 25 |
> virtual/telnet package so that no other telnetd/telnet client may be emerged |
| 26 |
> without removing it first. |
| 27 |
> Setup block-telnet to install something like /usr/share/doc/telnet-readme |
| 28 |
> (the contents of the same thing you read when you remove block-telnet) and |
| 29 |
> upon unmerge fire off a simple shell script that less's the same file |
| 30 |
> (hidden) that is telnet-readme with a yes/no choice saying are you sure you |
| 31 |
> wish to remove me? |
| 32 |
> Add block-telnet -> virtual/telnet as a virtual/telnet blocker by default |
| 33 |
> for all arch/stage/devel profiles under system instead of world and make it |
| 34 |
> a default package (like nano) for Gentoo 2004. |
| 35 |
> |
| 36 |
> It honestly seems to me that this would probably take any dev minutes to set |
| 37 |
> the virtual up this way and it would also allow very fast, short answers in |
| 38 |
> regards to getting questions on telnet: |
| 39 |
> |
| 40 |
> Eg: |
| 41 |
> User: how do I install telnet? |
| 42 |
> Dev: emerge unmerge block-telnet ... and read what it says. |
| 43 |
> User: thanks for your help! |
| 44 |
> |
| 45 |
> That's my 2/100ths of a monetary unit. |
| 46 |
> Allen Parker |
| 47 |
> |
| 48 |
> PS: when used in this manner, it's hardly cruft. |
| 49 |
|
| 50 |
-- |
| 51 |
gentoo-dev@g.o mailing list |
Archives