From mboxrd@z Thu Jan 1 00:00:00 1970 From: Hartmut Goebel Subject: server and client in one package -> security issue (was: Add murmur) Date: Sun, 12 Feb 2017 13:23:09 +0100 Message-ID: <96fa2c02-f5da-d4f5-6074-04b29f5376fb@crazy-compilers.com> References: <20170201204312.3005-1-contact.ng0@cryptolab.net> <87mvdvxq9v.fsf@gnu.org> <20170209182030.ngn2dsdfbzsmymdj@wasp> <87efz7asit.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:39612) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cctBV-00058r-3D for guix-devel@gnu.org; Sun, 12 Feb 2017 07:23:18 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cctBR-0004uQ-TR for guix-devel@gnu.org; Sun, 12 Feb 2017 07:23:17 -0500 Received: from mail-out.m-online.net ([212.18.0.9]:55500) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cctBR-0004uD-N6 for guix-devel@gnu.org; Sun, 12 Feb 2017 07:23:13 -0500 Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 3vLnrt6lQBz3hjcZ for ; Sun, 12 Feb 2017 13:23:10 +0100 (CET) Received: from localhost (dynscan1.mnet-online.de [192.168.6.68]) by mail.m-online.net (Postfix) with ESMTP id 3vLnrt5jD5zvlgJ for ; Sun, 12 Feb 2017 13:23:10 +0100 (CET) Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.68]) (amavisd-new, port 10024) with ESMTP id udE0EsUWIbrc for ; Sun, 12 Feb 2017 13:23:09 +0100 (CET) Received: from hermia.goebel-consult.de (ppp-46-244-136-117.dynamic.mnet-online.de [46.244.136.117]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPS for ; Sun, 12 Feb 2017 13:23:09 +0100 (CET) Received: from thisbe.goebel-consult.de (hermia.goebel-consult.de [192.168.110.7]) by hermia.goebel-consult.de (Postfix) with ESMTP id 30DC86092F for ; Sun, 12 Feb 2017 13:23:09 +0100 (CET) In-Reply-To: <87efz7asit.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org Am 09.02.2017 um 23:50 schrieb Ludovic Courtès: > I think the only reason to separate things usually is size, not > “aesthetics.” So I’d be in favor of keeping both in the same output if > there’s no size problem. Separating clients and servers is not an "aesthetic" thing. It's a matter of security. One basic rule for hardening systems is: "only install the required software". If we munge server and clients packages, this obeys this rule. In my day-business I'm a security consultant (CISSP, CSSLP and ISO 27001 Lead Implementer). And from my point of view Guix already has a medium problem of acceptance since it munges development-files and run-time files into one package - as we do for all libraries. This already contradicts the above mentioned basic rule. Now if Guix starts munging server and client components into one package, this plain disqualifies GuixSD from any security sensitive system. [*] [*] OTOH it opens up chances for big business: selling "Secure GuixSD" to customers. -- Regards Hartmut Goebel | Hartmut Goebel | h.goebel@crazy-compilers.com | | www.crazy-compilers.com | compilers which you thought are impossible |