From owner-freebsd-ports Tue May 21 22: 3:27 2002 Delivered-To: freebsd-ports@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 0C1D637B404; Tue, 21 May 2002 22:03:13 -0700 (PDT) Received: from pobrecita.freebsd.ru (ache@localhost [127.0.0.1]) by nagual.pp.ru (8.12.3/8.12.3) with ESMTP id g4M534oQ093655; Wed, 22 May 2002 09:03:07 +0400 (MSD) (envelope-from ache@pobrecita.freebsd.ru) Received: (from ache@localhost) by pobrecita.freebsd.ru (8.12.3/8.12.3/Submit) id g4M533Lv093654; Wed, 22 May 2002 09:03:03 +0400 (MSD) Date: Wed, 22 May 2002 09:03:02 +0400 From: "Andrey A. Chernov" To: "Brian T.Schellenberger" Cc: kris@obsecurity.org, ports@FreeBSD.ORG, portmgr@FreeBSD.ORG, core@FreeBSD.ORG Subject: Re: My position on commiters guide 10.4.4 Message-ID: <20020522050301.GA93570@nagual.pp.ru> References: <20020522041150.GA92851@nagual.pp.ru> <20020522044853.92549BB29@i8k.babbleon.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020522044853.92549BB29@i8k.babbleon.org> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, May 22, 2002 at 00:48:52 -0400, Brian T.Schellenberger wrote: > Really, ports that change without version number changes are a real pain to > deal with, and a new port should be rolled up for them only if there is a > very good reason (which the porter understands), which is all this rule seems > to be saying. I want to especially note that when version number IS CHANGED, we exact in the same situation, i.e. from security perspective all things from 10.4.4 must be done, like complete diff, description of all changes, etc. I found not logical to enforce that requirement when version number is not changed and forget it when it is changed. Do the version number change bring any safety? Of course not, hacker can just upload new version with changed number. > So your position of simply not updating the port until the version number > does change certainly seems reasonable to me. > > If there's somebody else who needs your port _so_ bad that he _must_ get it > before the version number changes then *he* can do the ports and fill in all > the necessary information. > > Am I missing something here? You are correct, but I don't think it is perfect solution, it is forced soultion. I will be more happy if that illogical rule will be removed. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message