On Fri, 2014-11-28 at 23:28 +0100, Thomas Liske wrote: > needrestart does not automaticly restart any services by default. Well the point is that it started not running services.
> I > don't see any security issues if the user selects to restart a service > (although the service was not running before). Sorry, but your example > sounds hypothetical to me. It's absolutely not hypothetical. An application cannot just go an silently start services... these services could do or expose anything, and therefore this is a security issue. > You could add a entry to override_rc to prevent ssh to be restarted > accidentally. Well that doesn't really help... first it contradicts the purpose of needrestart, and 2nd one can't just add all services which it my start out of the blue.
smime.p7s
Description: S/MIME cryptographic signature
