Is it bad to install more packages than recommended (or required)?
- Anmelden oder Registrieren um Kommentare zu schreiben
I read somewhere that every package is a vunreability. Should this principle be applied to home/office workstations?
(if I installed gnome instead of gnome-shell, or if I even installed a X.org server at all...)
The problem is not about *installing* useless applications but about *running* useless applications. Especially those interacting with the Internet.
>I read somewhere that every package is a vunreability. Should this principle be applied to home/office workstations?
Yes, who not?
>The problem is not about *installing* useless applications but about *running* useless applications. Especially those interacting with the Internet.
Running internet apps can be exploited by a remote attacker but a local adversary can exploit installed apps as well.
If you don't use something, get rid of it. Saves you disk space, useless updates of packages you don't even use, might give Trisquel a better idea what packages people actually use and then there is this security angle.
A local adversary can reboot on a Live system! With a physical access to the computer, there is no security but disk encryption.
Please don't exaggerate; if you're using a good gnu/linux operating system, the application available in the repos are all well tested and pretty save.
Of course there always remains a tiny risk but it's not like russian roulette everytime you install a package....
- Anmelden oder Registrieren um Kommentare zu schreiben