D.gnu - Thoughts on this?
I once installed LSB 2.0, I've just looked at the list of packages in LSB/DCC 3.0. My first thought (as with LSB 2.0) is that of a system's security: No matter what operating system you use, with each extra piece of redundantly installed software, you increase that system's vulnerability to security threats. Surely therefore a Linux Standard Base should be reduced to the bare minimum, depending only on the most essential of services, such as; the kernel, a shell, the C standard library, and maybe a service to install other packages. It certainly didn't ought to include a compiler, to me, that opens the scope even wider, allowing a much deeper attack. Kris wrote:http://arstechnica.com/news.ars/post/20051206-5698.html-- Alan
Dec 11 2005
Alan West <alan alanz.com> I wrote:I once installed LSB 2.0, I've just looked at the list of packages in LSB/DCC 3.0. My first thought (as with LSB 2.0) is that of a system's security: No matter what operating system you use, with each extra piece of redundantly installed software, you increase that system's vulnerability to security threats. Surely therefore a Linux Standard Base should be reduced to the bare minimum, depending only on the most essential of services, such as; the kernel, a shell, the C standard library, and maybe a service to install other packages. It certainly didn't ought to include a compiler, to me, that opens the scope even wider, allowing a much deeper attack. Kris wrote:My initial thought as a developer: The LSB enforces a base set of software packages and versions, which are to be installed/available amongst many GNU/Linux distributions. This allows a developer/packager to make installable pre-built software packages, with dependencies on a set of top level required/optional LSB components. For each supported processor architecture, one installer package can be built, targeting many different LSB conforming systems. Which is of most importance though? -- Alanhttp://arstechnica.com/news.ars/post/20051206-5698.html
Dec 11 2005