Hello, On Apr 12 07:22 Marcus Meissner wrote (shortened):
We had yet another complaint that a customer does not want to install "netcat" for security reasons (no need to discuss), but we cannot even tell him to rpm -e it to quieten his paranoia because it is required by yast2-core and yast2-printer. ... yast2-printer has it in some tools, where it is unclear to me if they are run during regular usage.
Those tools are /usr/lib/YaST2/bin/listen_remote_ipp - runs during system installation to check if there is a broadcasting CUPS server - needs netcat in listen mode and I don't know how to listen via bash ('
I wonder if we can get rid of the hard netcat dependency here.
No problem: Let the tools test if netcat is executable and let them fail with an angry error message if not ;-) Or for those who love overcomplicated "solutions": Let YaST install netcat if such a tool is to be run which forces our users to supply the media if they just want to set up a queue for a network printer ;-) Seriously: I think there is no need for a hard RPM requirement because YaST can run even without those tools. Therefore a soft RPM requirement (e.g. a "Recommends") together with test if netcat is executable in the tools might be best? Nevertheless I think it is overcomplicated and misleading to make unexperienced customers only feel happy but actually do not solve their issue because let them remove netcat doesn't add any security. I think we should better tell even those unexperienced customers the truth because otherwise such customers may learn later that we cheated instead of telling them the truth. At least I would never ever buy something from someone who cheated me once. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany AG Nuernberg, HRB 16746, GF: Markus Rex -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org For additional commands, e-mail: yast-devel+help@opensuse.org