Are there any dangerous/vulnerable packages I should remove?

Questions about applications and software
Forum rules
Before you post please read how to get help
Post Reply
User avatar
Mintuser998
Level 1
Level 1
Posts: 38
Joined: Thu May 31, 2018 1:57 pm

Are there any dangerous/vulnerable packages I should remove?

Post by Mintuser998 » Tue Jul 03, 2018 3:16 pm

I already un-installed Mono and Openjdk, which apparently was accidentally installed. I don't think I have Java, but there two Java packages of which I don't know whether I should get rid of. libhsql1.8.0-java : Java SQL database engine, and libservlet3.1-java : Servlet 3.1, JSP 2.3, EL 3.0 and Websocket 1.0 Java API classes. I know Javascript is different, I'm not talking about that. Is there anything that I should remove? Anything of any concern is of note to me.
Funny signature here:

lmuserx4849

Re: Are there any dangerous/vulnerable packages I should remove?

Post by lmuserx4849 » Wed Jul 04, 2018 2:07 pm

Mintuser998 wrote:
Tue Jul 03, 2018 3:16 pm
I already un-installed Mono and Openjdk, which apparently was accidentally installed. I don't think I have Java, but there two Java packages of which I don't know whether I should get rid of. libhsql1.8.0-java : Java SQL database engine, and libservlet3.1-java : Servlet 3.1, JSP 2.3, EL 3.0 and Websocket 1.0 Java API classes. I know Javascript is different, I'm not talking about that. Is there anything that I should remove? Anything of any concern is of note to me.
Linux Mint installed from the standard repositories would not install "dangerous/vulnerable" packages. So not sure where you got your information. Run the LM Update Manager that supplies security fixes when available for all applications as necessary.

User avatar
greerd
Level 5
Level 5
Posts: 986
Joined: Sat Jul 31, 2010 10:58 am
Location: Nova Scotia, Canada

Re: Are there any dangerous/vulnerable packages I should remove?

Post by greerd » Wed Jul 04, 2018 2:25 pm

You might want to check things out before removing them. For instance aptitude why mono-runtime shows that tomboy depends on it and aptitude why openjdk-8-jre shows icedtea. You could end up borking your system.

User avatar
Mintuser998
Level 1
Level 1
Posts: 38
Joined: Thu May 31, 2018 1:57 pm

Re: Are there any dangerous/vulnerable packages I should remove?

Post by Mintuser998 » Wed Jul 18, 2018 11:46 am

I don't have icedtea or tomboy.
Funny signature here:

User avatar
Schultz
Level 6
Level 6
Posts: 1337
Joined: Thu Feb 25, 2016 8:57 pm

Re: Are there any dangerous/vulnerable packages I should remove?

Post by Schultz » Wed Jul 18, 2018 6:55 pm

greerd wrote:
You could end up borking your system.
Every time I installed Mint, one of the first things I did was remove mono, per forum member Pjotr's recommendation (link below, point 2.3).

https://sites.google.com/site/easylinux ... o-and-Orca

gm10
Level 12
Level 12
Posts: 4125
Joined: Thu Jun 21, 2018 5:11 pm

Re: Are there any dangerous/vulnerable packages I should remove?

Post by gm10 » Wed Jul 18, 2018 7:06 pm

If you're scared of open source cross-platform languages/frameworks like mono and java based on those arguments then you also need to remove similar languages like e.g. python and perl. You should also remove shells like bash, sh, and even the Linux kernel. All of those can interpret malicious code.

Yes, that means going back to pen and paper. Don't hurt yourself with the pen though, better throw that away, too. And what about paper cuts...?!

/sarcasm

tl;dr: If you install malicious software to your system then the language it's written in really doesn't matter all that much.

User avatar
Pepi
Level 5
Level 5
Posts: 716
Joined: Wed Nov 18, 2009 7:47 pm

Re: Are there any dangerous/vulnerable packages I should remove?

Post by Pepi » Wed Jul 18, 2018 7:46 pm

With Linux and no **** websites you are safe :mrgreen:

User avatar
Schultz
Level 6
Level 6
Posts: 1337
Joined: Thu Feb 25, 2016 8:57 pm

Re: Are there any dangerous/vulnerable packages I should remove?

Post by Schultz » Wed Jul 18, 2018 8:12 pm

gm10 wrote:
If you're scared of open source cross-platform languages/frameworks like mono and java based on those arguments then you also need to remove similar languages like e.g. python and perl. You should also remove shells like bash, sh, and even the Linux kernel. All of those can interpret malicious code.

Yes, that means going back to pen and paper. Don't hurt yourself with the pen though, better throw that away, too. And what about paper cuts...?!

/sarcasm
I don't think removing mono and icedtea warrants that much sarcasm. Mono comes from the Windows world, and everybody knows that java has more holes than Swiss cheese.

gm10
Level 12
Level 12
Posts: 4125
Joined: Thu Jun 21, 2018 5:11 pm

Re: Are there any dangerous/vulnerable packages I should remove?

Post by gm10 » Wed Jul 18, 2018 8:46 pm

Schultz wrote:
Wed Jul 18, 2018 8:12 pm
gm10 wrote:
If you're scared of open source cross-platform languages/frameworks like mono and java based on those arguments then you also need to remove similar languages like e.g. python and perl. You should also remove shells like bash, sh, and even the Linux kernel. All of those can interpret malicious code.

Yes, that means going back to pen and paper. Don't hurt yourself with the pen though, better throw that away, too. And what about paper cuts...?!

/sarcasm
I don't think removing mono and icedtea warrants that much sarcasm. Mono comes from the Windows world, and everybody knows that java has more holes than Swiss cheese.
Windows world = non-argument
Everybody knows? The CVE database has exactly zero known vulnerabilities for the openjdk versions in the Mint 19 repositories.

User avatar
thx-1138
Level 6
Level 6
Posts: 1247
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: Are there any dangerous/vulnerable packages I should remove?

Post by thx-1138 » Wed Jul 18, 2018 9:00 pm

..."Hi guys, just installed Linux few days ago - should I remove Mono?"
  • yes
  • no
  • who cares
  • maybe
...and the winner is... :wink:

Post Reply

Return to “Software & Applications”