[oe] samba-essential upgrade or remove?
Frans Meulenbroeks
fransmeulenbroeks at gmail.com
Mon Mar 15 14:58:17 UTC 2010
2010/3/15 Holger Hans Peter Freyther <holger+oe at freyther.de>:
> On Monday 15 March 2010 14:53:44 Mike Westerhof wrote:
>
> Dear Mike,
>
>> Sigh.
>>
>> I really don't think this recipe is worthy of this much controversy.
>> It's essential (hence the name) for certain very small NAS devices.
>>
>> I fail to see how its presence is impacting others -- if you don't like
>> it, don't use it. Simple.
>
> See. This is not the point of liking or not liking a given recipe. I don't
> like the fact that this recipe is not maintained for years and has the
> possibility of damaging the reputation of distros built with OE. I assume
> even users of SlugOS do not like if their device gets owned via known and
> circulating exploits?
I think the chances are small that anyone would put a slug on the open internet.
>
> It would be nice if we could establish a shared responsibility for maintaining
> software that listens on network ports and is handling multimedia content (the
> two kind of things most likely to be suffering flaws). I don't think it is that
> difficult. If there is a remote hole and exploits are floating around, upgrade
> the recipe?
Note that this might go a lot further than you think.
It also means keeping things like php, python and perl up to date as
people could exploit bugs in php code or cgi scripts.
Frans
More information about the Openembedded-devel
mailing list