A plague of daemons and the Unix Philosophy

Tom Buskey tom at buskey.name
Tue Nov 13 16:54:37 EST 2007


On Nov 13, 2007 2:09 PM, Ben Scott <dragonhawk at gmail.com> wrote:

> On Nov 13, 2007 11:37 AM, Tom Buskey <tom at buskey.name> wrote:
> > Is there a list of what each daemon does?
>
>  I usually read the initscript source.  Failing that, I'll try "man"
> or "whatis" on the program the initscript starts.  Failing that, I'll
> try "rpm -qlf /etc/rc.d/rc.init/foo | grep doc" and look for likely
> docs.  Failing that, I'll disable it, because anything that poorly
> documented is probably a bad idea anyway.


And lots of the gnome/kde/newer linux stuff is in its own private help
system :-(  Everything should have a man page.  Anything else is gravy.


>
> > I've gotten in the habit, sadly, of disabling most daemons ...
>
>  One of my assertions is that that is not a bad habit.  Indeed, I'd
> argue it is a good habit, and should be a design consideration.


Coming from an extreme security point, everything should be disabled.  All
you need is SSH :-) and that should be off too.

I should be able to add services as they are needed.  They should have info
about what enabling them provides along with security guidelines.

IMHO all these new services running out of the box isn't much different from
having ftp, telnet, httpd and rsh running.  Even without security issues,
there's still an issue of resources.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20071113/ae254a3f/attachment-0001.html 


More information about the gnhlug-discuss mailing list