From owner-freebsd-security  Fri Jun  4 10:54: 2 1999
Delivered-To: freebsd-security@freebsd.org
Received: from smtp11.bellglobal.com (smtp11.bellglobal.com [204.101.251.53])
	by hub.freebsd.org (Postfix) with ESMTP id 53306150A6
	for <security@FreeBSD.ORG>; Fri,  4 Jun 1999 10:53:52 -0700 (PDT)
	(envelope-from bryanf@geisha.apt.samurai.com)
Received: from geisha.apt.samurai.com (HSE-TOR-ppp37150.sympatico.ca [209.226.141.217])
	by smtp11.bellglobal.com (8.8.5/8.8.5) with ESMTP id NAA16007;
	Fri, 4 Jun 1999 13:56:40 -0400 (EDT)
Received: (from bryanf@localhost)
	by geisha.apt.samurai.com (8.9.1a/8.9.1) id NAA01259;
	Fri, 4 Jun 1999 13:53:50 -0400 (EDT)
Date: Fri, 4 Jun 1999 13:53:49 -0400
From: Bryan Fullerton <bryanf@samurai.com>
To: Roger Marquis <marquis@roble.com>
Cc: security@FreeBSD.ORG
Subject: Re: SSH2 (in FreeBSD-Questions)
Message-ID: <19990604135349.C1032@samurai.com>
References: <Pine.GSO.3.96.990604081850.5931F-100000@roble2.roble.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.1i
In-Reply-To: <Pine.GSO.3.96.990604081850.5931F-100000@roble2.roble.com>; from Roger Marquis on Fri, Jun 04, 1999 at 08:19:08AM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Jun 04, 1999 at 08:19:08AM -0700, Roger Marquis <marquis@roble.com> wrote:
> >The problem is that we never now what SUID, port will install!
> 
> Not only "what SUID" but "where" as well.  Ports may be one the best
> things about FreeBSD but there's still _plenty_ of room for
> improvement.
> 
> One thing ports don't do well is install themselves in predictable
> locations.  Instead you'll find them installing files in
> /usr/local/etc, /usr/local/bin, /usr/local/sbin, /usr/local/libexec,
> /var, etc.  When I install ssh2 I want it all under /usr/local/ssh.
> This alone is a good reason to use ports sparingly (after reviewing the
> patches).

Agreed, though I don't mind ssh being dropped in /usr/local/bin and
/usr/local/sbin, since that's where the non-port install drops them.  I do
prefer the config stuff to be put in /etc/ssh2 instead of /usr/local/etc/ssh2,
though - I'm not sure if this is a compile time option or not (I'll admit, I
haven't checked - it's not *that* big a deal for me).

However, both ssh ports are a version behind, and that version was released
on May 13th.  Is there an update in the pipe somewhere?

Bryan

-- 
Bryan Fullerton                http://www.samurai.com/
Core Competency
Samurai Consulting
"No, we don't do seppuku."     Can you feel the Ohmu call?


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message