Date: Tue, 2 Jun 2015 16:43:07 +0200 From: Franco Fichtner <franco@lastsummer.de> To: Benjamin Kaduk <kaduk@MIT.EDU> Cc: Kimmo Paasiala <kpaasial@gmail.com>, freebsd-security <freebsd-security@freebsd.org> Subject: Re: scope of private libraries Message-ID: <936D98CC-EC18-4274-B79D-13320CD398D5@lastsummer.de> In-Reply-To: <alpine.GSO.1.10.1506011359040.22210@multics.mit.edu> References: <201506010138.t511cp2P088983@gw.catspoiler.org> <alpine.GSO.1.10.1506011214350.22210@multics.mit.edu> <CA%2B7WWSc47cH_C%2BJCFNv22onuf-V=mFNQ%2BU96Gx_vUm-1YU2OdQ@mail.gmail.com> <alpine.GSO.1.10.1506011238440.22210@multics.mit.edu> <2C5684F6-5D01-42BE-A7BD-13DD88040128@lastsummer.de> <alpine.GSO.1.10.1506011359040.22210@multics.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, the general lack of responses is probably why we have the OpenSSL base issues and maybe they won=E2=80=99t go away anytime soon, even though there are no downsides to modularisation. Yes, anyone can submit patches, but how can potential contributors from the security domain bring in patches that elude the scope of the FreeBSD developers. How can we reason for better security under such circumstances? How can a widespread adoption of the diversity trend of crypto libraries be embraced by FreeBSD without stepping on anyone=E2=80=99s toes? How do we actually create the necessary awareness? How can we move from labels of =E2=80=9Cparanoid=E2=80=9D to =E2=80=9Csecure=E2=80=9D? The last time I tried WITHOUT_CRYPT=3D1 it was dysfunctional despite the fact that the flag exists for the purpose of decoupling base from crypto and being documented without the notion of having =E2=80=9Chiccups=E2=80=9D. And now even one dependency from the ports is what can prolong said status quo in the face of a constant stream of upcoming security advisories. > On 01 Jun 2015, at 20:00, Benjamin Kaduk <kaduk@MIT.EDU> wrote: >=20 > On Mon, 1 Jun 2015, Franco Fichtner wrote: >=20 >> As a side note, does pkgng really have to depend on base >> OpenSSL; does it have to depend on a full-blown SSL library? >=20 > Yes. Thanks for the quick answer from the source, Benjamin. It is, however, not a good reason why pkgng is dynamically linked to OpenSSL in base when e.g. sqlite and libucl are embedded to avoid chicken and egg issues. Why should OpenSSL be the exception? Because it is in base? Because it is too big? Wouldn=E2=80=99t it be easier to embed and deal with security issues through the ports/packages infrastructure which basically rocks? FreeBSD should put effort into getting there, eventually. That=E2=80=99s all I=E2=80=99m saying. Where do we start then? Cheers, Franco=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?936D98CC-EC18-4274-B79D-13320CD398D5>