Date: Sun, 14 May 2006 08:44:02 -0800 From: Beech Rintoul <beech@alaskaparadise.com> To: freebsd-ports@freebsd.org, fbsd@a1poweruser.com Cc: ports@freebsd.org, Spadge <spadge@fromley.net>, "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org> Subject: Re: Has the port collection become to large to handle. Message-ID: <200605140844.20043.beech@alaskaparadise.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGKEADHHAA.fbsd@a1poweruser.com> References: <MIEPLLIBMLEEABPDBIEGKEADHHAA.fbsd@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart6139286.xgzqaYo4Gt Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 14 May 2006 06:08, fbsd wrote: > fbsd wrote: > > The fact is the maintainer is all ready being trusted to > > manage the port so I see no reason NOT to trust him to > > create the matching package. > > Because they don't. The port maintainer is trusted to maintain the > port > ... and then a bunch of people are trusted to audit the ports before > the > update is allowed in to the ports tree. > > Or at least, that's how I thought it worked. If a maintainer tries to put a backdoor or malicious code in a port it's ne= xt=20 to impossible to hide it in the source code. How would you propose doing th= at=20 with a binary? Having the portmanager test every binary that is submitted=20 would slow down the package builds even more.=20 > > ********* so working with in that same procedure the maintainer > passes the packages to the audit people and they pass it on. > No problem with this at all. > > > Even the need of the secure massive package built process is > > now questionable. > > The resources and time needed for performing the > > secure massive package built must impact the release timeline of > > new FreeBSD releases. Doing away with it may streamline many > > other different internal release process. The packages are built on a continual basis. The main reason for this is to= =20 make sure they build on all systems. Having a package to install is=20 secondary. There is plenty of time after a code freeze for a package run.=20 > > The personalised dynamic ports tree is by far the best suggestion so > far. A 'most commonly used' ports tree is a daft idea, IMHO, and I > fully > expect myself to be one of those people who uses quite a few ports > that > would never make it on to that list. And it's not like I do a lot > weird > stuff, either. I just think that with the number of fbsd users on > this > planet, coupled with the number of ports in the tree ... well, > there's > going to be an awful lot of minorities. > > **** the port make method will still be there for all ports with > limited usage history, it will just not have a package for it > because > it has limited usage. > > Also, I think the idea of having a central database to monitor which > ports are used has privacy issues, which will require every port to > have > a privacy disclaimer and an opt-out option. So much for > streamlining. > > ******** There is no privacy issues. Passing cookies is normal and > done as matter of fact by most commercial websites and any website > that > uses php session control makes cookies by default. > This is a no-issue issue. Beech =2D-=20 =2D------------------------------------------------------------------------= =2D------------- Beech Rintoul - Sys. Administrator - beech@alaskaparadise.com /"\ ASCII Ribbon Campaign | Alaska Paradise \ / - NO HTML/RTF in e-mail | 201 East 9Th Avenue Ste.310 X - NO Word docs in e-mail | Anchorage, AK 99501 / \ - Please visit Alaska Paradise - http://www.alaskaparadise.com =2D------------------------------------------------------------------------= =2D------------- --nextPart6139286.xgzqaYo4Gt Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQBEZ15jp5D0B1NlT4URAnAvAJwJAvKgwaX/qp8fmk1d8gvfT8Lz3wCfQ1fy I50LkELTxt30TfTX86HsuWk= =ZyHU -----END PGP SIGNATURE----- --nextPart6139286.xgzqaYo4Gt--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200605140844.20043.beech>