|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Uninstall sshd
How to uninstall the sshd or other base program (FTP, httpd)?
Thanks. |
|
|||
Quote:
When all else fails - these are the "goto programs". You might be better served by learning how to turn them on/off rather than "uninstalling" them. $ man rc.conf.local
|
|
||||
I don't see this as interesting. I see it as a complete waste of time.
It reduces the functionality of a system for no obvious operational benefit. It will not prevent an intruder from intruding, if there is a way in. Once in... any tools needed can be installed from outside. Any intruder who can access a shell, or who has the ability to issue exec(3) / fork(2), can install anything they want. Network tools, compilers, and utilities of all kinds. I doubt Peter has discovered noexec filesystems, but they would be needed after he deletes all the utilities he fears might be exploited by intruders. But if the intruder has root access, then they can mount their own vnode(9), circumventing noexec. Or just remount, eliminating the option. Even securelevel=2, which Peter previously deployed, can't prevent this. Last edited by jggimi; 24th August 2015 at 10:59 PM. Reason: typo |
|
||||
It's his system; he can do -- and he does -- whatever he wants. But with few exceptions (pppoe, Gnome), Peter's questions here have been focused on his perceived risks and his perceived threats.
This does little to eliminate real threats, should any exist. And he'll have to do it again, should he upgrade or reinstall. Meanwhile, Peter is still running -release, and to the best of my knowledge, he has not applied any of the 14 published errata patches -- 9 of which address actual, confirmed security issues. If he has not done so, then this is where his attention should be focused, instead of on what I see as imaginative but otherwise useless risk mitigation strategies. Last edited by jggimi; 25th August 2015 at 02:11 AM. Reason: typo, clarity |
|
|||
Quote:
EDIT: How to remove some command which are not used? Last edited by Peter_APIIT; 27th August 2015 at 06:15 AM. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
4 py-*** packages wouldn't accept uninstall or repair | daemonfowl | OpenBSD Packages and Ports | 8 | 4th June 2013 06:21 PM |
Oracle gives 21 (new) reasons to uninstall Java | J65nko | News | 0 | 18th February 2011 09:57 PM |
uninstall xorg libraries for a server | adrian_m | FreeBSD Ports and Packages | 1 | 26th January 2009 11:01 PM |
Basic sshd hardening | anomie | Guides | 12 | 12th September 2008 03:39 AM |
sshd and timeout | Sunsawe | FreeBSD Security | 6 | 29th May 2008 12:54 PM |