Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 23 May 2014 22:35:09 -0500
From:      David Noel <david.i.noel@gmail.com>
To:        Alnis Morics <alnis.morics@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: MITM attacks against portsnap and freebsd-update
Message-ID:  <CAHAXwYAGeHMJjeE=EGGN1S-t7=gkAr-atNw-PYgiKi--jP4CYg@mail.gmail.com>
In-Reply-To: <537B0522.8090109@gmail.com>
References:  <CAHAXwYBEtqxpDZJBhRF1=QDi6v97qQvJeYUbDE0kYqEsMbvf_w@mail.gmail.com> <537A704D.6010209@gmail.com> <CAHAXwYCjAtU3Wh-Y=juxaYQCU=om=bqonaRiq12VXs7nGT_fwA@mail.gmail.com> <CALf6cgZP6Ps==-vG1P3gbb5w9BovH4jisfSo-xPqRCp1jXRpWA@mail.gmail.com> <537B0522.8090109@gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 5/20/14, Alnis Morics <alnis.morics@gmail.com> wrote:
> On 05/20/2014 09:51, n j wrote:
>> On Tue, May 20, 2014 at 12:03 AM, David Noel <david.i.noel@gmail.com> wrote:
>>> On 5/19/14, Alnis Morics <alnis.morics@gmail.com> wrote:
>>>> On 05/19/2014 23:28, David Noel wrote:
>>>>> I also think it would be an appropriate time to discuss retiring portsnap.
>>>> Subversion checkouts and updates take much more time than Porstnap.
>>> My experience has been that both portsnap and svn update typically
>>> take under a minute to complete.
>>>
>>> Regardless, don't most people run this in the background with portsnap
>>> cron?
>>>
>> I don't. And I don't regularly update the ports tree.
>>
>> When you regularly update ports tree, the diffs svn update needs to pull
>> are relatively small. When you update, say, once a month, portsnap in my
>> experience gets the job done a lot quicker.
>>
>> My $.02,
> Exactly. And "svn checkout" is incomparably slower than "portsnap fetch
> extract".

It wasn't a terribly popular suggestion on the security list either.
It's unfortunate that svn doesn't work for your use case -- it was a
painless transition for me. The proposal was based on a "least amount
of work required" model. Now we're actually going to have to find
someone who has the time free to patch portsnap!



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHAXwYAGeHMJjeE=EGGN1S-t7=gkAr-atNw-PYgiKi--jP4CYg>