| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040829204115.GG3632@hyper> From: gadgeteer at elegantinnovations.org (gadgeteer@...gantinnovations.org) Subject: Re: Re: Re: !SPAM! Automated ssh scanning On Sun, Aug 29, 2004 at 09:27:10PM +0200, Maarten (fulldisc@...ratux.org) wrote: > On Sunday 29 August 2004 00:04, gadgeteer@...gantinnovations.org wrote: > > On Sat, Aug 28, 2004 at 10:23:36PM +0200, Maarten (fulldisc@...ratux.org) > wrote: > > > I remember well that at one time I wanted to install a SuSE system > > > without X, and just one package triggered 4 other packages and those then > > > triggered the full X eventually. It really was a pain. Mind you, that > > > was a few years back, I get the distinct impression things have changed > > > for the better now. > > > > I've not used yast but with rpm at least you can pass a flag to ignore > > dependencies. > > Yes. But that's hardly the point, is it. You can remove the unwanted > packages using 'rpm -e --nodeps' too, but you shouldn't need to. Why not? If someone were installing X and failed to install one of those packages triggered by the dependencies in your example above then their installation would be broken. If the 'one package' were compiled to use shared libs from X it would be broken if you do not install those libs. Usage without X may or may not induce it to actaully break but there is code in there that if executed expects to find those shared libs. The correct thing would have to be re-compile that package to not depend on any of the packages not installed. -- Chief Gadgeteer Elegant Innovations
Powered by blists - more mailing lists