Date: Sat, 21 Dec 2013 23:14:39 +0100 From: Baptiste Daroussin <bapt@FreeBSD.org> To: Steve Kargl <sgk@troutmask.apl.washington.edu> Cc: freebsd-current@freebsd.org, Darren Pilgrim <list_freebsd@bluerosetech.com> Subject: Re: PACKAGESITE spam Message-ID: <20131221221439.GA59524@ithaqua.etoilebsd.net> In-Reply-To: <20131221213959.GA61238@troutmask.apl.washington.edu> References: <52B5DF8C.5050204@gmx.com> <20131221200538.GA60827@troutmask.apl.washington.edu> <20131221201026.GB1730@glenbarber.us> <20131221201403.GB60827@troutmask.apl.washington.edu> <alpine.BSF.2.00.1312211450130.5630@badger.tharned.org> <20131221210553.GA61158@troutmask.apl.washington.edu> <52B60727.8090001@bluerosetech.com> <20131221213959.GA61238@troutmask.apl.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--huq684BweRXVnRxX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 21, 2013 at 01:39:59PM -0800, Steve Kargl wrote: > On Sat, Dec 21, 2013 at 01:24:55PM -0800, Darren Pilgrim wrote: > > On 12/21/2013 1:05 PM, Steve Kargl wrote: > > > On Sat, Dec 21, 2013 at 02:54:39PM -0600, Greg Rivers wrote: > > >> On Sat, 21 Dec 2013, Steve Kargl wrote: > > >> > > >>> It did not ask how to stop this stupidity. I asked to have this > > >>> stupidity stopped by default. The spewing of this information in > > >>> /var/log/messages provides NOTHING. Please turn it off by default. > > >>> > > >> > > >> Do you really feel that strongly about it? Having a record of chang= es to > > >> the system has always seemed like a feature to me... > > >> > > > > > > Yes, I do feel strongly about it. It is completely unnecesary noise. > > > It should be off by default. If someone wants to fill /var up with > > > useless information, then that someone can turn on the noise. > >=20 > > It's about what's safe in the common case. There are significant=20 > > security risks inherent in pkg's activities, so having a written=20 > > external record is the safe option. > >=20 > > I don't buy the "fill up /var" argument. If your /var is so small that= =20 > > pkg's logging risks filling it up, why are you not logging to an=20 > > external syslog server? There are much more voluminous sources of logs= =20 > > on a FreeBSD system. >=20 > It has nothing to do with the size of /var, really. It is completely > useless information. You want to know what package are installed, use > 'pkg info'. Packages do not spontaneously install themselves. If > your system is so insecure that you are worried that some unpriveleged > user installed a package, you have bigger problems. >=20 > --=20 > steve >=20 >=20 > --=20 > Steve > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org" this has been done and activated for reason, first for lot of companies, it= is important (PCI DSS requirement for example), secondly I receive tons of req= uest to actiavte on by default while you are the first to request it off by defa= ult Bapt --huq684BweRXVnRxX Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (FreeBSD) iEYEARECAAYFAlK2Es8ACgkQ8kTtMUmk6Ex1ZwCgmiPNlqvN35iyggoCJKJGES9N njQAni/ltqr8m664A4erzvCUT3dbQEPf =k2A9 -----END PGP SIGNATURE----- --huq684BweRXVnRxX--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131221221439.GA59524>