Peter Nikolic wrote:
On Friday 20 Nov 2009 19:06:09 Per Jessen wrote:
Lars Müller wrote:
On Fri, Nov 20, 2009 at 07:12:50PM +0100, Per Jessen wrote:
Lars Müller wrote: [ 8< ]
This is a simple and secure design decission (KISS). And this change was well documented. Doesn't change a thing. Where was it documented by the way? I don't remember there being much community discussion about it. http://download.openSUSE.org/pub/opensuse/distribution/11.2/repo/oss/docu/R ELEASE-NOTES.en.html
http://lists.opensuse.org/opensuse-factory/2008-03/msg00495.html Ah yes, I do vaguely remember that - even if it was more than 18 months ago.
Funny to see who commented on the initial suggestion made by the security team and which suggestions people made. Funny? Here are some the things I said back then -
"... but I don't see any reason for changing it at all. An unused sshd uses very little memory, and whatever it does use is very quickly swapped out."
"Having thought a litle more about it, I definitely vote no - that change would have only negligible effect for desktop-only/mostly users, whereas it would only create additional work for any server-install."
I also asked:
"What exactly is "better" about not starting sshd by default? " No useful answer.
I even pointed out that "Nobody has described any _actual_ improvements. Running sshd behind the default firewall does not make the system any less secure, and it does not waste any memory when it isn't used."
Nothing funny about me repeating myself, IMHO.
/Per Thing is this is supposed to be Open Open to ideas suggestions assistance improvements , But the only way it is open now is open to the ruling mafia with no care or attention to the users at all Very rapidly becoming the M$ Corp of the Linux world this is how it is like it or lump it .
Pete .
Not running a service is always more secure than running one. Not running a service is always more efficient than running one. These are immutable inarguable facts of laws of physics. Any argument based only on degree is false. If you are going for optimization and a default state that is as clean and minimal as possible (I know, *LAUGH* but humor me :) , let's say they are) then saying this or that service's unnecessary negative impact is "only minimal" is an invalid argument. The simple rule is that if you are actually going to use it, you run it, and everything else, you don't run. The fact that ssh is really common or is typically enabled on every linux server or that all linux boxes are descended from an OS that was originally designed to be a server so we're just plain used to seeing it always there, doesn't really have any bearing on whether it should be enabled by default on a desktop system. You could say that about every kind of service that was ever written, and if you started 50 unused lightweight services it would have a noticeable effect, and even if it's a small one, it's a pointless one so it's correct to remove it. To decide something should be installed and running by default, you have to instead have some certain reason it's needed in the course of doing the job the default state is designed to do. Actually that one last argument about "we're all just used to expecting it to be there always" is somewhat valid. The principle of least surprise is a valid one. I have an ubuntu desk at work. It had sshd enabled out of the box and I never ssh in to it. I could, even remotely, by first getting in to one of the internet-facing boxes, and hunting down the ip from the dhcp server. I just never apparently had a need to in 3 or 4 years that desk has been there. It's a desk. I don't keep much of importance there that I need remote access to and it performs no network service that I might have to go in and admin. Similarly I have linux partitions on every laptop and netbook I've ever owned and I've almost never had a reason to ssh in to any of them. That's probably 20 or more installs just in the last few years. _if_ opensuse is focusing on desktops and no longer attempting to be a first choice for server OS, then it's a good default for both security and performance reasons. Regardless how minimal the impact in either or both areas. For any OS that even casually wants to claim to be a server platform, it makes no sense to default without sshd enabled. Because of the principle of least surprise if nothing else. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org