Why do so many Linux operating systems have cups and other printing services as a high level dependency? It may be trivial, but it’s one more attack vector and one more set of running tasks…
But I don’t HAVE a printer…
kfsone · May 12, 2010 · Rants & Opinions · cups, linux, ubuntu · 3 Comments
Categories
Recent Posts
Recent Comments
John Taylor on Spread wide before installing… | |
Pro-tip: Write Pytho… on Python, the slow of the i… | |
Setsuna on C++0x lambdas suck | |
Jonathan Witty on Spread wide before installing… | |
Jonathan Witty on Spread wide before installing… | |
kfsone on Vested Interests | |
fsdfsdfsd on C++0x lambdas suck |
Top Posts
Social
Archives
Blog Stats
- 863,458 squirrels
1.31
adobe
apple
austin
battleground europe
battlegroundeurope
c++
c++0x
c++11
capture
cats
chrome
Coding
databases
dba
elite
firefox
game development
games
gamevideos
Gaming
gcc
google
htc trophy
intel
kittens
linux
localization
mars
mea culpa
mercurial
microsoft
mmo
mmorpg
mysql
networking
parallelism
parallelization
patches
programming
python
rants
satans sphincter
space
spam
spore
squads
stargate
stargate atlantis
star wars
strat
subversion
svn
ubuntu
version control
video games
videos
virtualization
vista
visual source safe
visual studio
vmware
vss
web
windows
windows 7
windows 7 phone
wwii
WWIIOL
wwiionline
wwii online
x3
x3 terran conflict
x3:tc
zeromq
3 Comments
Because a lot of people really, really suck at writing dependencies, creating meta-packages and proper package splitting. Also the Linux Standard Base requires it to be there, go figure.
That said, I can remove cups on my Fedora desktop, and it doesn’t bother my FVWM2 window manager at all.
It is annoying, but there’s no reason that it has to be running, just installed. Do a chkconfig to shut it off permanently, and then the only way it can be a vector is if something else executes it’s binaries remotely via some other exploit.
You may also be able to install a different printserver; usually it’s not tied straight to cups but rather the presence of a print server of any kind. You may be able to find a stub one that just pretends to be a printserver to satisfy dependencies. Stupid, but may let you harden things.
It’s installed, because most people do have (or at least have access to) printers. That is just the default. If you want to remove it, you can. ubuntu-desktop is just a metapackage pointing to the default packages. It can be safely removed.
You sound like a perfect candidate, though, for just downloading the mini.iso and building up a system from scratch the way you want it. That’s another route to go.