Re: [gentoo-dev] Re: splitting one source package into many binaries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Duncan wrote: > The 6.8.99 snapshot ebuilds > (hard masked for testing) are the CVS development snapshots of this in > portage, still unsplit, as it hasn't yet been split upstream, AFAIK. The splitting is underway. Most of the protocol headers and libraries are working, and the server itself is underway. Thanks, Donnie -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCt6oBXVaO67S1rtsRAqkbAJ0aav6kr7nqW0OTmDQvUyy/h02sVQCg4zTD LM7kUlyz4jOD4k4e5sMrZPI= =PiTY -END PGP SIGNATURE- -- gentoo-dev@gentoo.org mailing list
Re: [gentoo-dev] Re: splitting one source package into many binaries
On Fri, 2005-06-17 at 01:21 -0700, Duncan wrote: > The client/server thing is a concern for me here, as well, for security > reasons. If I don't have an SSH server merged, it can't inadvertently > be turned on somehow. SSH is apparently a dependency for something I have > merged, and currently, it includes the SSH server. That worries me, as > it's a server component on a normally client system, and is thus a > potential security vuln. IMO, having it there when it's not used and the > human behind the machine has no intention of running it, is just /asking/ > for security issues. It shouldn't be there in the first place. > Unfortunately, there's no USE flag to turn it off. There is zero security risk unless you, as root, start the server. > Similarly with a couple of the DHCP packages I was looking at a few weeks > ago. I normally run static IPs on a LAN behind a NAPT based router, > giving me a /bit/ more leeway in terms of security on my Linux box, but > decided to install some form of DHCP just in case. Several of those > packages have both clients and servers, with apparently no way to only > install the client, short of hacking the ebuild. IMO, that's not the way > it should be. Gentoo isn't supposed to work that way, and PARTICULARLY in > this sort of instance, where getting mixed up in your configuration may > mean you start the server instead of the client, is a security risk that > simply shouldn't have to be there in the first place. I think you have the wrong assumption here on how Gentoo is "supposed to work". Gentoo ships packages as close to how upstream packages them as possible. If you have a problem with the daemon being shipped with the client, then complain upstream. We have always provided the package as determined by upstream. Splitting packages is a waste of developer time and also makes things much more complex dependency-wise. If you do not want the binary for the server installed, then edit the ebuild yourself, remove the binary, or use INSTALL_MASK. It isn't like we have not provided methods for you to do this yourself. You cannot expect us to provide for every possible scenario and still get anything accomplished. -- Chris Gianelloni Release Engineering - Strategic Lead/QA Manager Games - Developer Gentoo Linux signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] Re: splitting one source package into many binaries
On Fri, Jun 17, 2005 at 01:21:22AM -0700, Duncan wrote: > reasons. If I don't have an SSH server merged, it can't inadvertently > be turned on somehow. SSH is apparently a dependency for something I have I'm all in favor of server vs. client flexibility but this example is kinda bogus. Assuming you don't turn it on I'd have to say the only way it'd get turned on is if your system is already compromised -- Jon Portnoy avenj/irc.freenode.net -- gentoo-dev@gentoo.org mailing list
[gentoo-dev] Re: splitting one source package into many binaries
Yuri Vasilevski posted <[EMAIL PROTECTED]>, excerpted below, on Thu, 16 Jun 2005 13:20:44 -0500: >> So I think it may be good for some packages to be split in several >> packages (but right now I can't think of any), but I think it'll be much >> better introduce more granularity into many ebuils with use flags. This is >> specially the case (in my opinion) of packages that can have both client >> and server functionality (the best example I can think of is net-fs/samba, >> which I mostly use just to mount shares form other servers). >The client/server thing is a concern for me here, as well, for security >reasons. If I don't have an SSH server merged, it can't inadvertently >be turned on somehow. SSH is apparently a dependency for something I >have >merged, and currently, it includes the SSH server. That worries me, as >it's a server component on a normally client system, and is thus a >potential security vuln. IMO, having it there when it's not used and >the >human behind the machine has no intention of running it, is just >/asking/ >for security issues. It shouldn't be there in the first place. >Unfortunately, there's no USE flag to turn it off. >Similarly with a couple of the DHCP packages I was looking at a few >weeks >ago. I normally run static IPs on a LAN behind a NAPT based router, >giving me a /bit/ more leeway in terms of security on my Linux box, but >decided to install some form of DHCP just in case. Several of those >packages have both clients and servers, with apparently no way to only >install the client, short of hacking the ebuild. IMO, that's not the >way >it should be. Gentoo isn't supposed to work that way, and PARTICULARLY >in >this sort of instance, where getting mixed up in your configuration may >mean you start the server instead of the client, is a security risk >that >simply shouldn't have to be there in the first place. >I'm sure there are other instances... >IMO as a Gentoo user... I have also had these concerns. The thing you need to keep in mind is that any server (like sshd) can *only* be turned on by the root user with a specific command. Gentoo *never ever* turns any server on by default (go gentoo!). If a cracker gains enough access to do this you have more things to worry about than a server being started. I know this isn't the answer you were looking for but it is the gentoo way...sshd comes from the upstream maintainer as a single package so it is installed by portage as a single package. This gives the user the flexibility that I have become accustomed to. Once you get used to this way of doing things it is no different than any other *nix based system. As it has been said on this mailing list a thousand times before, you can always make a custom ebuild in your overlay if it is that big of a concern. That's what I love about portage, I can create my own custom ebuilds and not have to rely on what the Gentoo Devs give me like in so many other distros. (even though what the gentoo devs supply is usually of the highest quality and meets my needs). -- gentoo-dev@gentoo.org mailing list
[gentoo-dev] Re: splitting one source package into many binaries
Yuri Vasilevski posted <[EMAIL PROTECTED]>, excerpted below, on Thu, 16 Jun 2005 13:20:44 -0500: > So I think it may be good for some packages to be split in several > packages (but right now I can't think of any), but I think it'll be much > better introduce more granularity into many ebuils with use flags. This is > specially the case (in my opinion) of packages that can have both client > and server functionality (the best example I can think of is net-fs/samba, > which I mostly use just to mount shares form other servers). The client/server thing is a concern for me here, as well, for security reasons. If I don't have an SSH server merged, it can't inadvertently be turned on somehow. SSH is apparently a dependency for something I have merged, and currently, it includes the SSH server. That worries me, as it's a server component on a normally client system, and is thus a potential security vuln. IMO, having it there when it's not used and the human behind the machine has no intention of running it, is just /asking/ for security issues. It shouldn't be there in the first place. Unfortunately, there's no USE flag to turn it off. Similarly with a couple of the DHCP packages I was looking at a few weeks ago. I normally run static IPs on a LAN behind a NAPT based router, giving me a /bit/ more leeway in terms of security on my Linux box, but decided to install some form of DHCP just in case. Several of those packages have both clients and servers, with apparently no way to only install the client, short of hacking the ebuild. IMO, that's not the way it should be. Gentoo isn't supposed to work that way, and PARTICULARLY in this sort of instance, where getting mixed up in your configuration may mean you start the server instead of the client, is a security risk that simply shouldn't have to be there in the first place. I'm sure there are other instances... IMO as a Gentoo user... -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman in http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html -- gentoo-dev@gentoo.org mailing list
[gentoo-dev] Re: splitting one source package into many binaries
Rafael Ávila de Espíndola posted <[EMAIL PROTECTED]>, excerpted below, on Thu, 16 Jun 2005 19:51:54 -0300: > X might also be a candidate, but > I think that in this case it is better to help xorg to do the split. FWIW, xorg is already headed in that direction. Their next release is intended to be dual-track, 6.9.0 in monolithic form as now, 7.0.0 will be the same thing only modularized. There was a bit of a discussion on that topic here a few weeks ago (in which I asked and Donnie covered a number of questions on the Gentoo approach to it), after Donnie pointed to the working roadmap document for the split. The 6.8.99 snapshot ebuilds (hard masked for testing) are the CVS development snapshots of this in portage, still unsplit, as it hasn't yet been split upstream, AFAIK. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman in http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html -- gentoo-dev@gentoo.org mailing list