Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 09 Sep 2011 13:38:53 +0100
From:      Matt Burke <mattblists@icritical.com>
To:        freebsd-ports@freebsd.org
Subject:   Re: sysutils/cfs
Message-ID:  <4E6A08DD.8020307@icritical.com>
In-Reply-To: <4E68F34C.6090504@FreeBSD.org>
References:  <4E651DCF.30605@FreeBSD.org>	<201109052146.p85Lkous037023@fire.js.berklix.net>	<CADLo838dMd5=TjRF5ffiaPH7o0%2BpeWgaqbQqEfDb3EP-n4ec8A@mail.gmail.com>	<4E67935C.6080702@aldan.algebra.com>	<CADLo838QkAjq2jPXy_c5MTYW09tZJMvWTNndo3Pnfa3=1c-5Og@mail.gmail.com>	<4E68AC85.4060705@icritical.com> <4E68F34C.6090504@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 09/08/11 17:54, Matthias Andree wrote:
> The port isn't perfectly usable (because that would mean it's usable in
> all circumstances for all advertised purposes, which is explicitly not
> the case in the light of known vulnerabilities).

In British Engligh at least, "perfectly" can mean "adequately" e.g. A
scaffold pole and a short wall is a perfectly usable jack for changing a
car tyre. Apologies.

However, it is still the case that software with known security
vulnerabilities is almost always still usable for the most part.

If the kernel had a flaw which took someone with a username exactly 17
characters long to have UID 0, would you refuse to, or be unable to use the
operating system until it's fixed? What if I mentioned FreeBSD has a
16-character hard-coded limit on usernames?


> Nobody stands there pointing a gun at your head and forces you to
> uninstall a port that got removed from the ports/ tree.

If someone deletes a package I use from ports, they are FORCING me to jump
through an awful load of hoops to get what I want/need.

Let's look at the subject of this thread: What happens if I'm a CFS user
and my hard disk dies? I install the latest release, pull my backups back
in, and find that the FreeBSD people have decided they don't want me to be
able to access my encrypted data any more. What do I do?

Attempt to compile CFS from vendor source?
Waste time trying to re-make a port?
Install the ports tree from a FreeBSD6.1 CD I have lying around?
Just install some other OS?

What exactly is the administrative overhead of having a FORBIDDEN, etc port
in the tree if it compiles, works, and people are happy to use it
regardless of its flaws?




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E6A08DD.8020307>