From owner-freebsd-ports@FreeBSD.ORG Sun May 14 16:44:25 2006 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 860BE16A400; Sun, 14 May 2006 16:44:25 +0000 (UTC) (envelope-from beech@alaskaparadise.com) Received: from pinnacle.akherb.com (60-105-237-24.gci.net [24.237.105.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id E585143D46; Sun, 14 May 2006 16:44:24 +0000 (GMT) (envelope-from beech@alaskaparadise.com) Received: by pinnacle.akherb.com (Postfix, from userid 1007) id 5206F5DC1; Sun, 14 May 2006 08:44:24 -0800 (AKDT) X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on pinnacle.akherb.com X-Spam-Level: X-Spam-Status: No, score=-2.5 required=4.0 tests=AWL,BAYES_00 autolearn=ham version=3.1.1 Received: from [192.168.241.103] (7-137-58-66.gci.net [66.58.137.7]) by pinnacle.akherb.com (Postfix) with ESMTP id 6C8CB5DA1; Sun, 14 May 2006 08:44:22 -0800 (AKDT) From: Beech Rintoul Organization: Alaska Paradise To: freebsd-ports@freebsd.org, fbsd@a1poweruser.com Date: Sun, 14 May 2006 08:44:02 -0800 User-Agent: KMail/1.9.1 References: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart6139286.xgzqaYo4Gt"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200605140844.20043.beech@alaskaparadise.com> Cc: ports@freebsd.org, Spadge , "freebsd-questions@FreeBSD. ORG" Subject: Re: Has the port collection become to large to handle. X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 May 2006 16:44:25 -0000 --nextPart6139286.xgzqaYo4Gt Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 14 May 2006 06:08, fbsd wrote: > fbsd wrote: > > The fact is the maintainer is all ready being trusted to > > manage the port so I see no reason NOT to trust him to > > create the matching package. > > Because they don't. The port maintainer is trusted to maintain the > port > ... and then a bunch of people are trusted to audit the ports before > the > update is allowed in to the ports tree. > > Or at least, that's how I thought it worked. If a maintainer tries to put a backdoor or malicious code in a port it's ne= xt=20 to impossible to hide it in the source code. How would you propose doing th= at=20 with a binary? Having the portmanager test every binary that is submitted=20 would slow down the package builds even more.=20 > > ********* so working with in that same procedure the maintainer > passes the packages to the audit people and they pass it on. > No problem with this at all. > > > Even the need of the secure massive package built process is > > now questionable. > > The resources and time needed for performing the > > secure massive package built must impact the release timeline of > > new FreeBSD releases. Doing away with it may streamline many > > other different internal release process. The packages are built on a continual basis. The main reason for this is to= =20 make sure they build on all systems. Having a package to install is=20 secondary. There is plenty of time after a code freeze for a package run.=20 > > The personalised dynamic ports tree is by far the best suggestion so > far. A 'most commonly used' ports tree is a daft idea, IMHO, and I > fully > expect myself to be one of those people who uses quite a few ports > that > would never make it on to that list. And it's not like I do a lot > weird > stuff, either. I just think that with the number of fbsd users on > this > planet, coupled with the number of ports in the tree ... well, > there's > going to be an awful lot of minorities. > > **** the port make method will still be there for all ports with > limited usage history, it will just not have a package for it > because > it has limited usage. > > Also, I think the idea of having a central database to monitor which > ports are used has privacy issues, which will require every port to > have > a privacy disclaimer and an opt-out option. So much for > streamlining. > > ******** There is no privacy issues. Passing cookies is normal and > done as matter of fact by most commercial websites and any website > that > uses php session control makes cookies by default. > This is a no-issue issue. Beech =2D-=20 =2D------------------------------------------------------------------------= =2D------------- Beech Rintoul - Sys. Administrator - beech@alaskaparadise.com /"\ ASCII Ribbon Campaign | Alaska Paradise \ / - NO HTML/RTF in e-mail | 201 East 9Th Avenue Ste.310 X - NO Word docs in e-mail | Anchorage, AK 99501 / \ - Please visit Alaska Paradise - http://www.alaskaparadise.com =2D------------------------------------------------------------------------= =2D------------- --nextPart6139286.xgzqaYo4Gt Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQBEZ15jp5D0B1NlT4URAnAvAJwJAvKgwaX/qp8fmk1d8gvfT8Lz3wCfQ1fy I50LkELTxt30TfTX86HsuWk= =ZyHU -----END PGP SIGNATURE----- --nextPart6139286.xgzqaYo4Gt--