Ask Your Question
1

Security of a Fedora 25 minimal Gnome installation

asked 2017-05-23 13:37:21 -0600

danielkrebs gravatar image

Hi there,

I'm trying to do a minimal Gnome installation with Fedora 25 using the "Fedora-Workstation-netinst-x86_64-25-1.3" Media. With Minimal I mean an installation with only the group "critical-path-gnome" without all the extras that come with a standard Workstation installation like boxes, mail clients etc. which i dont use. Reason is, that I have an rather old and small but fully working SSD. My Question is, if this has any security implications, like unconfigured Firewalls, open ports or things like that?

My approach ist to use the graphical installer for partitioning (BTRFS) and install only the Fedora base system and the first optional Group (I'm using the german anaconda installer where i choose "Fedora Betriebssystem" (~ Fedora OS) in the left column and "Standard" as an optional packet). Then I reboot, install basic gnome software via sudo dnf groupinstall critical-path-gnome and then set gnome-shell as boot target via sudo systemctl enable gdm.service. In a VirtualBox VM this works fine with some extra work to install VirtualBox guest additions.

The installation I get by this approach seems to be working well and I would go on installing additional software via gnome-terminal or gnome software.

So my question is, if there are any disadvantages creating a custom Fedora installation this way regarding security/configuration or is a "normal" workstation basically the same but pulling all packages at once?

Thanks DK

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
2

answered 2017-05-24 17:10:06 -0600

"My Question is, if this has any security implications, like unconfigured Firewalls, open ports or things like that?"

No, it does not have security implications.

"So my question is, if there are any disadvantages creating a custom Fedora installation this way regarding security/configuration or is a "normal" workstation basically the same but pulling all packages at once?"

No, It does not have security implications. As long as you don't open GUI applications as root or log in to gnome as root and run all the applications as root ex. firefox.

edit flag offensive delete link more

Comments

1

First, thanks for your answer John! I certainly don't plan to open GUI Web applications as root or other crazy things like that :) I did some further digging into how different Fedora Editions (Like Server, Workstation etc) are 'made' or installed by annaconda and found the comps.xml file.

If I understand that correctly, installation of eg. Fedora Workstation calls for various groups to be installed (eg. gnome-desktop) which themselves require certain packages (eg. gnome-shell). So doing a Workstation installation is just like pulling a bunch of predefined packages manually, right?

Thanks DK

danielkrebs gravatar imagedanielkrebs ( 2017-05-25 07:03:22 -0600 )edit

yes, it pulls more installation of certain rpms. It installs things like GNOME and other rpms that a user would be need to work on. The server version does not need all that.

jlozadad gravatar imagejlozadad ( 2017-05-25 22:07:50 -0600 )edit
1

OK, thanks again for your support, I marked the Question as answered. DK

danielkrebs gravatar imagedanielkrebs ( 2017-05-26 12:42:15 -0600 )edit

Question Tools

Stats

Asked: 2017-05-23 13:37:21 -0600

Seen: 401 times

Last updated: May 24 '17