1 |
On Wed, 2003-10-29 at 21:29, Spider wrote: |
2 |
> > I wonder if it would be possible to somehow remotely "mount" the rest |
3 |
> > of |
4 |
> > the stuff such as gcc/python etc.. as with portage. So this way the |
5 |
> > system would be completely clean and when it needs to be updated a |
6 |
> > script would mount/link the tools from a remote system and after its |
7 |
> > done upgrading it would unlink and we are left with a lean clean |
8 |
> > system. |
9 |
> |
10 |
> http://ovlfs.sf.net/ (if I recall correctly) might be the thing here. |
11 |
|
12 |
What an idea! Never thought of such a thing. Definitly worth a look. |
13 |
|
14 |
> Another alternative is to use a staging machine to build binaries, then |
15 |
> simply untar the .tbz2 files, instead of using portage to do it. (evil |
16 |
> solution actually ;) |
17 |
|
18 |
> After that, some manual pruning should get the things in order. |
19 |
|
20 |
Yeah really evil. I guess this is what some people do. But I would |
21 |
prefer to have portage do the stuff instead of getting worries that I |
22 |
might have forgotten to fix a file or something.. |
23 |
|
24 |
> Though, for a server you don't gain anything in security by removing |
25 |
> compilers and development tools. perhaps in complexity and size, though. |
26 |
|
27 |
Well. Regarding security that is a bit relative. You do gain in the |
28 |
sense that the cracker has one less tool/option at hand and hence you |
29 |
gain a little bit more of the higher ground against the attacker. The |
30 |
less options/possibilites the cracker has the harder (even if its only a |
31 |
little bit) it gets to penetrate (although not impossible of course). |
32 |
|
33 |
Also as you state it is nice to have a simple clean lean system with a |
34 |
small footprint. |
35 |
|
36 |
I really don't know how valid my assumptions are, but I am willing to |
37 |
give it a shot to see what comes out of a de-Gentooizable Gentoo ;) |
38 |
|
39 |
Cheers, |
40 |
|
41 |
Vano |
42 |
|
43 |
|
44 |
-- |
45 |
gentoo-dev@g.o mailing list |