From owner-cvs-all Sat Sep 8 21:57:12 2001 Delivered-To: cvs-all@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-54.dsl.lsan03.pacbell.net [63.207.60.54]) by hub.freebsd.org (Postfix) with ESMTP id 5B29237B405; Sat, 8 Sep 2001 21:57:05 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id C08A466D0A; Sat, 8 Sep 2001 21:57:04 -0700 (PDT) Date: Sat, 8 Sep 2001 21:57:04 -0700 From: Kris Kennaway To: Ade Lovett Cc: Kris Kennaway , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/net Makefile ports/net/freebsd-uucp Makefile distinfo pkg-comment pkg-descr pkg-plist Message-ID: <20010908215704.A40054@xor.obsecurity.org> References: <200109090346.f893kDG99712@freefall.freebsd.org> <20010908234628.H9547@FreeBSD.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="huq684BweRXVnRxX" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010908234628.H9547@FreeBSD.org>; from ade@FreeBSD.org on Sat, Sep 08, 2001 at 11:46:28PM -0500 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --huq684BweRXVnRxX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Sep 08, 2001 at 11:46:28PM -0500, Ade Lovett wrote: > On Sat, Sep 08, 2001 at 08:46:13PM -0700, Kris Kennaway wrote: > > Add freebsd-uucp 1.06.1, a portified version of the gnu/libexec/uucp > > tree currently in src/, in preparation for removing this infrequently= -used > > set of tools out of the base system. >=20 > When will we see the same treatment for the r-commands, /usr/games, etc.. > etc.. ? Is this the first step on packaging up the entire system You could think of it that way if you like. > or simply a case of being able to say "it's a ports problem" when > further security concerns are discovered with it? It's a security risk we can't easily fix completely at this point in time, and this is a way to compartmentalize the impact so all FreeBSD systems aren't affected, but only those who choose to use it and know the risks. It's been a removal target for a long time since it's so rarely used, and I really think it can be moved out without creating undue hassles for administrators who do use it. Kris --huq684BweRXVnRxX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7mvagWry0BWjoQKURAlfMAKCjaSMjUimiRZ6xLlX0b750OEaK+QCeJgY7 QO7ihtg6rYh6AMYhdSJg2fQ= =goS0 -----END PGP SIGNATURE----- --huq684BweRXVnRxX-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message