Date: Mon, 5 Feb 2001 00:34:10 -0800 From: Kris Kennaway <kennaway@pacbell.net> To: Jeremy Lea <reg@FreeBSD.org>, Kris Kennaway <kennaway@pacbell.net>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/x11/XFree86-aoutlibs pkg-req Message-ID: <20010205003410.A25761@mollari.cthul.hu> In-Reply-To: <20010205003004.F8780@shale.csir.co.za>; from reg@FreeBSD.org on Mon, Feb 05, 2001 at 12:30:04AM -0800 References: <200102050808.f1588VM54282@freefall.freebsd.org> <20010205002201.A19536@mollari.cthul.hu> <20010205003004.F8780@shale.csir.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
--9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 05, 2001 at 12:30:04AM -0800, Jeremy Lea wrote: > Hi, >=20 > On Mon, Feb 05, 2001 at 12:22:01AM -0800, Kris Kennaway wrote: > > I'd rather we disallow installation from sysinstall rather than hiding > > the security warnings and let people blow off their own feet. > >=20 > > Better yet, we could fix the security problems by rebuilding the > > binaries with security fixes applied, on the appropriate machine. >=20 > This isn't a problem with security. sysinstall has not run ldconfig > by the time the requirements script is run, so pkg-req doesn't think > that libraries that are really there are. The problem I was referring to is that people who install this package from sysinstall explicitly, or worse, by virtue of it being a dependency, will not see the warning about the potential security problems. This isn't the only case which has been 'fixed' by just overriding the warning, so I'm not happy about the general approach. Until we can fix sysinstall I'd prefer to have these packages unavailable from there. > With regards to the security problems... The distfile I was using has > gone from ftp.xfree86.org, so I'm going to have to find a new distfile > anyway. Looks like I'm going to have to find some spare hardware and > install 2.2.8 on it and build the 3.3.6 port from there. I'm sure you can find a 2.2.8 machine to build on if you ask. Kris --9jxsPFA5p3P2qPhR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6fmWCWry0BWjoQKURAkzlAJ4wk2NXXxqar9tUF36hilH3Qy4jowCfXZSP yABsnTsRu1O8YlS6Dc+sZ0k= =p3CQ -----END PGP SIGNATURE----- --9jxsPFA5p3P2qPhR-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010205003410.A25761>