Date: Tue, 19 Jan 2016 05:08:06 +0000 From: =?ISO-8859-1?Q?Lu=EDs?= Fernando Schultz Xavier da Silveira <schultz@ime.usp.br> To: kpneal@pobox.com Cc: Polytropon <freebsd@edvax.de>, freebsd-questions@freebsd.org Subject: Re: Unexpected dependencies of graphics/libGL Message-ID: <20160119050806.cd08ca0687e76a4b09a701e3@ime.usp.br> In-Reply-To: <20160118161235.GA92637@neutralgood.org> References: <20160117031923.ce1f36547351bf07b6fff9a0@ime.usp.br> <20160117070715.1c33732b.freebsd@edvax.de> <20160117162018.964db3b1f2f2133242773e78@ime.usp.br> <20160117220247.69e6774f.freebsd@edvax.de> <20160118161235.GA92637@neutralgood.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, That is a very cool idea. However, it does not make sense to me. >From a security point of view, it is not an improvement because malware in the build dependencies could still affect the results of the compilation within the jail and hence the final binaries and pkg scripts. Furthermore, theoretically if an uncessessary dependecy can break the vanilla system, it can also break it for the same reason with this trick (it is just less likely). Also, the build dependencies will be built over and over again inside the jails during updates (and there are a lot of them). So, while Poudriere is useful for building packages from the point of view of the FreeBSD infrastructure (who does not install the packages itself), it does not make sense to me for a system that will be installing the packages. On Mon, 18 Jan 2016 11:12:35 -0500 kpneal@pobox.com wrote: > On Sun, Jan 17, 2016 at 10:02:47PM +0100, Polytropon wrote: > > On Sun, 17 Jan 2016 16:20:18 +0000, Lu=EDs Fernando Schultz Xavier da S= ilveira wrote: > > > Hi, > > >=20 > > > To me, using ports is a must. > >=20 > > Okay, so pkg is not an option here. >=20 > I swear by Poudriere. It does all the builds in jails and then presents > a package repository understood by pkg. This gets me packages and all the > R-deps but I never have to install any of the B-deps. > --=20 > Kevin P. Neal http://www.pobox.com/~kpn/ >=20 > Seen on bottom of IBM part number 1887724: > DO NOT EXPOSE MOUSE PAD TO DIRECT SUNLIGHT FOR EXTENDED PERIODS OF TIME. >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160119050806.cd08ca0687e76a4b09a701e3>