From owner-freebsd-current@FreeBSD.ORG Sat Dec 21 21:40:01 2013 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B568D6D2 for ; Sat, 21 Dec 2013 21:40:01 +0000 (UTC) Received: from troutmask.apl.washington.edu (troutmask.apl.washington.edu [128.95.76.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8EC22147E for ; Sat, 21 Dec 2013 21:40:01 +0000 (UTC) Received: from troutmask.apl.washington.edu (localhost.apl.washington.edu [127.0.0.1]) by troutmask.apl.washington.edu (8.14.7/8.14.7) with ESMTP id rBLLdxa9061277; Sat, 21 Dec 2013 13:39:59 -0800 (PST) (envelope-from sgk@troutmask.apl.washington.edu) Received: (from sgk@localhost) by troutmask.apl.washington.edu (8.14.7/8.14.7/Submit) id rBLLdxiW061276; Sat, 21 Dec 2013 13:39:59 -0800 (PST) (envelope-from sgk) Date: Sat, 21 Dec 2013 13:39:59 -0800 From: Steve Kargl To: Darren Pilgrim Subject: Re: PACKAGESITE spam Message-ID: <20131221213959.GA61238@troutmask.apl.washington.edu> References: <52B5DF8C.5050204@gmx.com> <20131221200538.GA60827@troutmask.apl.washington.edu> <20131221201026.GB1730@glenbarber.us> <20131221201403.GB60827@troutmask.apl.washington.edu> <20131221210553.GA61158@troutmask.apl.washington.edu> <52B60727.8090001@bluerosetech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <52B60727.8090001@bluerosetech.com> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Dec 2013 21:40:01 -0000 On Sat, Dec 21, 2013 at 01:24:55PM -0800, Darren Pilgrim wrote: > On 12/21/2013 1:05 PM, Steve Kargl wrote: > > On Sat, Dec 21, 2013 at 02:54:39PM -0600, Greg Rivers wrote: > >> On Sat, 21 Dec 2013, Steve Kargl wrote: > >> > >>> It did not ask how to stop this stupidity. I asked to have this > >>> stupidity stopped by default. The spewing of this information in > >>> /var/log/messages provides NOTHING. Please turn it off by default. > >>> > >> > >> Do you really feel that strongly about it? Having a record of changes to > >> the system has always seemed like a feature to me... > >> > > > > Yes, I do feel strongly about it. It is completely unnecesary noise. > > It should be off by default. If someone wants to fill /var up with > > useless information, then that someone can turn on the noise. > > It's about what's safe in the common case. There are significant > security risks inherent in pkg's activities, so having a written > external record is the safe option. > > I don't buy the "fill up /var" argument. If your /var is so small that > pkg's logging risks filling it up, why are you not logging to an > external syslog server? There are much more voluminous sources of logs > on a FreeBSD system. It has nothing to do with the size of /var, really. It is completely useless information. You want to know what package are installed, use 'pkg info'. Packages do not spontaneously install themselves. If your system is so insecure that you are worried that some unpriveleged user installed a package, you have bigger problems. -- steve -- Steve