Date: Thu, 15 Mar 2001 12:21:24 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Gerhard Sittig <Gerhard.Sittig@gmx.net> Cc: Maxim Sobolev <sobomax@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: ports enhancement (was: cvs commit: src/sys/netinet ip_output.c) Message-ID: <20010315122124.B64260@mollari.cthul.hu> In-Reply-To: <20010315204101.A20830@speedy.gsinet>; from Gerhard.Sittig@gmx.net on Thu, Mar 15, 2001 at 08:41:01PM %2B0100 References: <3AAEBD59.1B77E450@originative.co.uk> <200103140045.f2E0jgf15403@vic.sabbo.net> <20010315204101.A20830@speedy.gsinet>
next in thread | previous in thread | raw e-mail | index | archive | help
--s/l3CgOIzMHHjg/5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Mar 15, 2001 at 08:41:01PM +0100, Gerhard Sittig wrote:
> On Wed, Mar 14, 2001 at 02:45 +0200, Maxim Sobolev wrote:
> >=20
> > Usually only a very small number of ports broke as the ports
> > tree goes away from your -stable release, and usually if that
> > happens with some of the most-popular apps, like samba or
> > apache, they are quickly getting OSVERSION knobs to build
> > successfully on various -stable incarnations. After all nothing
> > prevents you as a responsible person from fixing it and
> > submitting your fix back as a PR for inclusion into the tree.
>=20
> This somehow reminds me of PR ports/22316 ("Synopsis: [PATCH]
> samba port in a jail(2) environment") with details available at
> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D22316
>=20
> Do we need a (possibly general) mechanism of running networked
> port apps in jails? I almost feel so. That's when I tried to
> discuss this topic in the above PR (samba is just one example I
> ran across and had a clean(?) solution for). But there hasn't
> been response so far. And I also failed contributing this
> cleanup back into the Samba project, there too was nothing but
> silence ...
I think it would be cool to be able to automatically install ports
into a populated jail..would be a great way to enhance security by
partitioning off the system from dodgy ports you don't trust. If you
want to work more on this we should talk :-)
Kris
--s/l3CgOIzMHHjg/5
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE6sSRDWry0BWjoQKURAi9xAJ9LfZQpM42wDEShgDs/TVo3Z8NcvACbBlPB
wssH/k8wr0Rpik23QpoYiM8=
=43Re
-----END PGP SIGNATURE-----
--s/l3CgOIzMHHjg/5--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010315122124.B64260>