Date: Mon, 1 Jun 2015 12:38:21 -0400 (EDT) From: Benjamin Kaduk <kaduk@MIT.EDU> To: Roger Marquis <marquis@roble.com> Cc: freebsd-security <freebsd-security@freebsd.org> Subject: Re: avoiding base openssl when building ports Message-ID: <alpine.GSO.1.10.1506011236430.22210@multics.mit.edu> In-Reply-To: <20150601163453.340DA782@hub.freebsd.org> References: <201506010138.t511cp2P088983@gw.catspoiler.org> <alpine.GSO.1.10.1506011214350.22210@multics.mit.edu> <CA%2B7WWSc47cH_C%2BJCFNv22onuf-V=mFNQ%2BU96Gx_vUm-1YU2OdQ@mail.gmail.com> <20150601163453.340DA782@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 1 Jun 2015, Roger Marquis wrote: > Kimmo Paasiala: > > Rumour is that something like that is going to happen with all of the > > problematic libraries by making them private. If someone with inside > > knowledge could confirm these rumours? ;) > > Curious why this is a rumor? Open source operating systems should be > developed transparently, shouldn't they? I have no concrete data, but something might live as only a rumor if someone is considering making the change and analyzing how much work it would be, before they have any proposal to make or patches for review. > > This leads to another question. Where is the line going to be drawn > > which libraries in the base system should be private? There are > > certainly some of them that have to be public like libc and the > > support libraries like libusb. There is certainly no sense in making > > the ports system use full set of its own libraries for everything > > either. > > I'd be happy just to to 'make buildworld -DWITHOUT_OPENSSL'. Better to set WITHOUT_SSL=yes in /etc/src.conf (see src.conf(5)). -Ben
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.GSO.1.10.1506011236430.22210>