Date: Thu, 20 Sep 2001 02:08:56 +0900 From: Hiroo ONO (=?iso-2022-jp?B?GyRCPi5MbjQyQDgbKEI=?=) <hiroo@oikumene.gcd.org> To: freebsd-arch@FreeBSD.ORG Subject: Re: Moving UUCP to ports Message-ID: <20010920020856N.hiroo@oikumene.gcd.org> In-Reply-To: <20010917194519.A39672@xor.obsecurity.org> References: <20010917194519.A39672@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello. As one of uucp users, who are supposed to be in the threat of extinction :-), I do not oppose to removing uucp from the base system as long as it remains in the port tree. > That's apparently widely used functionality. My original proposed > patch restricted --config/-I to root, but ache told me lots of people > need that to work. How about making this feature selectable at compile time, as Cy Shubert suggested. If you leave uucp in the base system, the default should be the secure version, but if it is in the port tree, setting the default to current insecure version and just prompting "it has a security hole." and showing how to make the secure version may be sufficient. I think it may be a demerit to uucp user who will have to do a little more operation at install time, but it has the merit that it contents uucp users who still use --config/-I option other than root, and uucp users who do not use this option and want a secure one, and at last non uucp users who do not want security hole in the system they use (except some people who insist on having uucp in the base system if you decide to move the uucp to port :-p). If you remove uucp from the base system and move it to ports, I want to be informed (by UPDATING or/and RELNOTES, etc.), but it is not important whether it is in the base system or in the port tree. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010920020856N.hiroo>