ntpclient names

Gary E. Miller gem at rellim.com
Wed Feb 22 21:17:00 UTC 2017 

Yo Royce!

On Wed, 22 Feb 2017 11:38:04 -0900
Royce Williams <royce at tycho.org> wrote:

> On Wed, Feb 22, 2017 at 11:30 AM, Gary E. Miller <gem at rellim.com>
> wrote:
> >
> > Yo Achim!
> >
> > On Wed, 22 Feb 2017 18:21:01 +0100
> > Achim Gratz <Stromeko at nexgo.de> wrote:
> >  
> > > Gary E. Miller writes:  
> > > > Mark was thinking of a separate ntp-tools package or option.
> > > > Many distros has a X package and a matching X-tools package.
> > > > We could make that easy with a build option.
> > > >
> > > > I see the vast majority of users only using ntpd.
> > > >
> > > > But seriously, do you really need to save USD$0.001 of disk
> > > > space?  
> > >
> > > I'm pretty sure that Hal was more concerned about not putting
> > > stuff on a public-facing server that wasn't absolutely
> > > necessary.  
> >
> > Then 90% of your distro is probably also not absolutely necessary.
> >
> > If your attacker can run things on your CLI then it is long past
> > game over.  
> 
> The attack surface isn't binary.

Agreed 100%.  Things like CLI tools with no special permissions or
capabilities are way at the bottom of the worry scale.  Lost in the
noise floor.

> IMO, it's better for the ecosystem to let each admin decide which
> things to install or to leave out. If it's an easy split to make, I'd
> rather that admins have the option.

Nothing we do says an admin can't "rm /usr/bin/XXX".  I often have that
in my build scripts.  No need to clutter the build options for that.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20170222/66b0315a/attachment.bin>

More information about the devel mailing list