Re: gtk3 w/o dbus no longer possible?

To: tech-pkg%NetBSD.org@localhost
Subject: Re: gtk3 w/o dbus no longer possible?
From: David Holland <dholland-pkgtech%netbsd.org@localhost>
Date: Sat, 16 Nov 2024 22:59:00 +0000

On Sat, Nov 16, 2024 at 10:21:16PM +0000, Patrick Welche wrote:
 > > gtk2 didn't depend on dbus prior to this.
 > > 
 > > Now it does; that's broken.
 > 
 > Why does that make it "broken"?

Because dbus is systemd-quality system design, and a lot of us don't
want it on their systems.

But also: because it's very difficult to keep the thing from running
if it's installed; because it installs setuid root frobs so it can't
be contained to a single user account; and because of these factors,
once it's running you get a whole new class of attack vectors/security
risks.

It's one thing, in the absence of alternative infrastructure, to
install it because you need it for something; it's another thing for
large numbers of widely-used applications that don't need it to
quietly start running it.

-- 
David A. Holland
dholland%netbsd.org@localhost

Follow-Ups:
- Re: gtk3 w/o dbus no longer possible?
  - From: Thomas Klausner

References:
- gtk3 w/o dbus no longer possible?
  - From: Tobias Nygren
- Re: gtk3 w/o dbus no longer possible?
  - From: David Holland
- Re: gtk3 w/o dbus no longer possible?
  - From: Thomas Klausner
- Re: gtk3 w/o dbus no longer possible?
  - From: David Holland
- Re: gtk3 w/o dbus no longer possible?
  - From: Thomas Klausner
- Re: gtk3 w/o dbus no longer possible?
  - From: David Holland
- Re: gtk3 w/o dbus no longer possible?
  - From: Patrick Welche

Prev by Date: Re: gtk3 w/o dbus no longer possible?
Next by Date: Re: gtk3 w/o dbus no longer possible?
Previous by Thread: Re: gtk3 w/o dbus no longer possible?
Next by Thread: Re: gtk3 w/o dbus no longer possible?
Indexes:

Home | Main Index | Thread Index | Old Index