From owner-freebsd-security@FreeBSD.ORG  Sun Apr 13 21:47:51 2014
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 19BA11F4;
 Sun, 13 Apr 2014 21:47:51 +0000 (UTC)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id C886D18EB;
 Sun, 13 Apr 2014 21:47:50 +0000 (UTC)
Received: from nine.des.no (smtp.des.no [194.63.250.102])
 by smtp-int.des.no (Postfix) with ESMTP id 92E546592;
 Sun, 13 Apr 2014 21:47:49 +0000 (UTC)
Received: by nine.des.no (Postfix, from userid 1001)
 id 707FABBA; Sun, 13 Apr 2014 23:47:49 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: David.I.Noel@gmail.com
Subject: Re: Retiring portsnap [was MITM attacks against portsnap and
 freebsd-update]
References: <CAHAXwYCGkP-o0VvMXj5S8-KNA45aTvy+srjDL_=8-x9Dza5z5Q@mail.gmail.com>
 <53472B7F.5090001@FreeBSD.org>
 <CAHAXwYDdxbRimwjvPf+5odYUUN4u4rNzdEkEmWwZN97mi1riEg@mail.gmail.com>
 <53483074.1050100@delphij.net>
 <CAHAXwYDhxmEwxtBLyZF1R1F8XENsq4FbpzVy89BN8f+RYU74KA@mail.gmail.com>
 <44bnw5uwmm.fsf@lowell-desk.lan>
 <CAHAXwYBDWEUH2yDR59Aurbsrjn4W0JAH87Qk7Oumncwagu45Bg@mail.gmail.com>
Date: Sun, 13 Apr 2014 23:47:49 +0200
In-Reply-To: <CAHAXwYBDWEUH2yDR59Aurbsrjn4W0JAH87Qk7Oumncwagu45Bg@mail.gmail.com>
 (David Noel's message of "Sun, 13 Apr 2014 16:07:09 -0500")
Message-ID: <86zjjosxyy.fsf@nine.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: Lowell Gilbert <freebsd-security-local@be-well.ilk.org>,
 freebsd-security@freebsd.org, security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Apr 2014 21:47:51 -0000

David Noel <david.i.noel@gmail.com> writes:
> The server-side code of the FreeBSD portsnap system -- a closed source
> fork of the open source portsnap project -- happens to use secured
> access for pulling data from svn.

So by your definition, every single Apache server on the planet runs "a
closed source fork of the open source Apache project" because they do
not use the exact same httpd.conf?

Do you understand the concept of a configuration file?

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no