Date: Tue, 20 Nov 2012 23:00:07 -0500 From: Garrett Wollman <wollman@bimajority.org> To: Matthew Seaman <matthew@freebsd.org> Cc: freebsd-security@freebsd.org Subject: Re: Recent security announcement and csup/cvsup? Message-ID: <20652.20935.513138.382822@hergotha.csail.mit.edu> In-Reply-To: <50ABA590.5090600@freebsd.org> References: <20121117150556.GE24320@in-addr.com> <alpine.BSF.2.00.1211171705170.32838@m.fuglos.org> <20121118180421.GF24320@in-addr.com> <20121120100148.GA93826@roberto-aw.eurocontrol.fr> <50ABA590.5090600@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 20 Nov 2012 15:45:20 +0000, Matthew Seaman <matthew@freebsd.org> said: > pkgng will have a crypto-signing mechanism for packages with > per-repository public keys and so forth. It's not there yet -- stuff is > awaiting review by security team people, who are (even moreso, given > current events) generally insanely busy. Huh? What's not there yet? I've been signing my local repository since the very beginning. (I'm an unusual case and don't really care about "official" binary packages -- I want/need to control the options things are built with, and pkgng won't be able to handle that case usefully until it has a SAT solver for dependency resolution.) pkgng is the thing that is finally allowing my to manage the FreeBSD machines in our infrastructure as easily as the Debian machines; thankfully we only need about a hundred packages (and no X) rather than the full set. -GAWollman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20652.20935.513138.382822>