1 |
2017-12-11 15:03 GMT-06:00 Alan Mackenzie <acm@×××.de>: |
2 |
> OK. But it's still there taking up RAM, and (more importantly) makes a |
3 |
> systemd system a broader target for attacks. Whether a system has an |
4 |
> http server (or, for that matter, an SSH server), for whatever purpose, |
5 |
> should be for the system administrator to decide. I suspect this isn't |
6 |
> the case for systemd's http server. |
7 |
> |
8 |
Too much suspicion, too much assumtions, |
9 |
$ equery -N u systemd | grep http |
10 |
- - http : Enable embedded HTTP server in journald |
11 |
|
12 |
$ grep -C 2 http $PORTDIR/sys-apps/systemd/systemd-235-r1.ebuild |
13 |
|
14 |
42: http? ( |
15 |
43: >=net-libs/libmicrohttpd-0.9.33:0= |
16 |
44- ssl? ( >=net-libs/gnutls-3.1.4:0= ) |
17 |
45- ) |
18 |
|
19 |
|
20 |
42: http? ( |
21 |
43: >=net-libs/libmicrohttpd-0.9.33:0= |
22 |
44- ssl? ( >=net-libs/gnutls-3.1.4:0= ) |
23 |
45- ) |
24 |
|
25 |
I prefer certainty, don't you? |
26 |
|
27 |
It is actually more useful to check the software, than lose your time |
28 |
with so many words on this list. |