Yo Royce! On Wed, 22 Feb 2017 11:38:04 -0900 Royce Williams <ro...@tycho.org> wrote:
> On Wed, Feb 22, 2017 at 11:30 AM, Gary E. Miller <g...@rellim.com> > wrote: > > > > Yo Achim! > > > > On Wed, 22 Feb 2017 18:21:01 +0100 > > Achim Gratz <strom...@nexgo.de> wrote: > > > > > Gary E. Miller writes: > > > > Mark was thinking of a separate ntp-tools package or option. > > > > Many distros has a X package and a matching X-tools package. > > > > We could make that easy with a build option. > > > > > > > > I see the vast majority of users only using ntpd. > > > > > > > > But seriously, do you really need to save USD$0.001 of disk > > > > space? > > > > > > I'm pretty sure that Hal was more concerned about not putting > > > stuff on a public-facing server that wasn't absolutely > > > necessary. > > > > Then 90% of your distro is probably also not absolutely necessary. > > > > If your attacker can run things on your CLI then it is long past > > game over. > > The attack surface isn't binary. Agreed 100%. Things like CLI tools with no special permissions or capabilities are way at the bottom of the worry scale. Lost in the noise floor. > IMO, it's better for the ecosystem to let each admin decide which > things to install or to leave out. If it's an easy split to make, I'd > rather that admins have the option. Nothing we do says an admin can't "rm /usr/bin/XXX". I often have that in my build scripts. No need to clutter the build options for that. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703 g...@rellim.com Tel:+1 541 382 8588 Veritas liberabit vos. -- Quid est veritas? "If you can’t measure it, you can’t improve it." - Lord Kelvin
pgpE10_6Kt0v7.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel