Hello Axel, On Mon, Sep 18, 2017 at 05:27:31PM +0200, Axel Beckert wrote: > Hi Andreas, > > Andreas Henriksson wrote: [...] > > The Debian version contains a home-grown config file parsing > > feature. This should rather be implemented by the daemon itself (if > > needed, or the config file deprecated). > > I tend to disagree here. The config parsing feature could be > implemented as patch against upstream to easier keep up with upstream > changes.
Not sure if we disagree or agree really. To clarify: I don't think the config file parsing should be implemented in the init script itself. If you prefer carrying the implementation as a patch to the daemon, well that's your call. (I see the old maintenance style was to not collaborate with upstream in favour of wasting time on rebasing large patch-sets, but was naively hoping that would change with the new maintenance. I guess 'open source is about collaboration' isn't really true then and debian developers wanting to improve free software even outside of debian itself neither.) > > > The gpm daemon is one of those long-standing things which likely > > contains alot of legacy code. It would be nice if the attack surface > > could be limited by applying some of the systemd security features > > to the service as a future further improvement. eg. Protect*, > > Private*, *Privileges, *Capabilit*, etc. See: > > https://www.freedesktop.org/software/systemd/man/systemd.exec.html > > I strongly disagree here and surely won't propagate that. From my > point of view KISS is the far better security concept than adding > systemd bloat. Security is bloat? Now you're just being ignorant (and I just lost all interest in helping out anymore). Have fun. Regards, Andreas Henriksson
