Why do so many Linux operating systems have cups and other printing services as a high level dependency? It may be trivial, but it’s one more attack vector and one more set of running tasks…
Recent Comments
 | John Taylor on Spread wide before installing… |
 | Pro-tip: Write Pytho… on Python, the slow of the i… |
 | Setsuna on C++0x lambdas suck |
 | Jonathan Witty on Spread wide before installing… |
| Jonathan Witty on Spread wide before installing… |
 | kfsone on Vested Interests |
 | fsdfsdfsd on C++0x lambdas suck |
kfsone's pittance 
3 Comments
Because a lot of people really, really suck at writing dependencies, creating meta-packages and proper package splitting. Also the Linux Standard Base requires it to be there, go figure.
That said, I can remove cups on my Fedora desktop, and it doesn’t bother my FVWM2 window manager at all.
It is annoying, but there’s no reason that it has to be running, just installed. Do a chkconfig to shut it off permanently, and then the only way it can be a vector is if something else executes it’s binaries remotely via some other exploit.
You may also be able to install a different printserver; usually it’s not tied straight to cups but rather the presence of a print server of any kind. You may be able to find a stub one that just pretends to be a printserver to satisfy dependencies. Stupid, but may let you harden things.
It’s installed, because most people do have (or at least have access to) printers. That is just the default. If you want to remove it, you can. ubuntu-desktop is just a metapackage pointing to the default packages. It can be safely removed.
You sound like a perfect candidate, though, for just downloading the mini.iso and building up a system from scratch the way you want it. That’s another route to go.