fc5: install everything?

Bruno Wolff III bruno at wolff.to
Tue May 9 14:54:22 UTC 2006


On Tue, May 09, 2006 at 09:36:41 -0500,
  "Mikkel L. Ellertson" <mikkel at infinity-ltd.com> wrote:
> That is the point - you don't know what packages have exploits that
> have not been found yet. If they were known, chances are they would
> have already been fixed. But if you have everything installed, the
> chances that you have a package with an exploit installed go up.

This is very low risk. This risk should be weighed against the extra work
involved tracking down packages that could have been installed off the
CD.

> On the other hand, if it will never be run with root privileges,
> chances are it will only mess up the user's files, and not the
> system. From a security standpoint, it makes sense to load the
> packages that you use. If a machine is not going to be a server,
> then you only need a few of the server apps. If it is not going to
> be used for development, and especially if it is going to be a
> server that can be accessed from the Internet, you do not want the
> ability to compile programs. (Compile them on another machine, and
> install them on the server.)

Not having a compiler adds almost no security. Again this needs to be weighed
against the costs of having one available when you want it.

> This is sounding a lot like what I heard a few years ago when
> distributions started shipping with services disabled by default, or
> only accessible on the loopback interface. You have to go in and
> configure them before you could run them. But it sure cut down on
> boxes that were hacked before they were updated, and the owner
> learned what was going on. Experienced users know how to get the
> services going, and newbies usually end up doing a bit of research,
> or asking on a list, and hopefully learn about the risks involved in
> running the server, and how to configure them.

Running services that listen on network ports is a lot higher risk than
just having code installed. Also, in those days ipchains typically wasn't
installed as well to block connections to services that only needed to
listen on the loopback address.

> The distribution should be as safe as possible for a newbie to
> install. If they ever put the install everything option back, I hope
> it is only available as an advanced install option. A newbie doing
> an install should not see it.

I disagree. You need to balance safety with convenience, especially for
new users.

> What might be a good idea is that when you install from CD/DVD, is
> to have an option to set up a Yum repo that uses the install media
> and asks for the CD/DVD needed to be inserted when installing
> software if there is not a newer package in the other repos. That
> way, if you find you want/need more packages after install, it will
> not download everything from the Internet if you have a slow
> connection, or a bandwidth limit. This would be especially true if
> you are shipping a machine with Linux pre-installed. Otherwise,
> depending on the lag between when you built the system, and when the
> customer receives it they may end up with a large update needed when
> they get the machine with an everything install. Not too bad of a
> problem if you do the install, update the machine, and then ship it
> directly to the customer, but a big problem if you are building in
> quantity. Especially if you don't update your install image on a
> regular basis, or are shipping to a retail location.

Using the install media as a repo is a separate issue, that also has value.
However, this still doesn't address not having software installed when you
want it, that could have easily been installed. That costs people time.



