From owner-freebsd-hackers@FreeBSD.ORG Sat Apr 12 01:55:16 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CCD6D787 for ; Sat, 12 Apr 2014 01:55:16 +0000 (UTC) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 83EFB179E for ; Sat, 12 Apr 2014 01:55:16 +0000 (UTC) Received: from jre-mbp.elischer.org (ppp121-45-232-70.lns20.per1.internode.on.net [121.45.232.70]) (authenticated bits=0) by vps1.elischer.org (8.14.8/8.14.8) with ESMTP id s3C1tBRl005069 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Fri, 11 Apr 2014 18:55:14 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <53489CF9.70600@freebsd.org> Date: Sat, 12 Apr 2014 09:55:05 +0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 To: Anton Afanasyev , Matthew Rezny Subject: Re: MITM attacks against portsnap and freebsd-update References: <2012148.SzKMgBGQYg@desktop.reztek> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Apr 2014 01:55:16 -0000 On 4/12/14, 5:20 AM, Anton Afanasyev wrote: > On Fri, Apr 11, 2014 at 11:04 AM, Matthew Rezny wrote: > >> The biggest effort would be adding rsync to base, but being that we have >> svn(lite) in base it should not be a big deal to add rsync. >> > I may be too naive and/or just not understand things as well as those who > do move code into base, so excuse my ignorance, but why was svnlite moved > into base, and why even consider moving rsync into base? > Sure, it is nice if the base includes everything needed to allow > development of it; it is also a must to be able to update and build your > ports. But why include tools that do this, rather than a bootstrap for > installing those tools? because historically, a base freebsd distribution is all you need to rebuild a base FreeBSD system from "CHECKED IN SOURCES". lot s of people have their environments set up assuming this is true. (me included). It's also a worry abotu wether one has ht eright version of SVN or whether you need some special version (we did at one stage)... this takes all the qustions out of it. I know .. Git-lovers are upset.. > For developing and updating base, why not include a script that fetches a > (sufficiently fresh) snapshot of the ports tree and let the user decide > whether they want to use svn or any other port to update their sources? If > it is deemed too large a download (a valid concern) - download only svn and > its dependencies, possibly even to a ports tree rooted in a location > different from /usr/ports, and build svn from that. > For keeping ports up to date, why not include a script that fetches a > (sufficiently fresh) copy of the ports tree and tell the user that the > preferred method to update is rsync; heck, create a port that uses rsync to > do what Matthew described above, and /offer/ to install it for the the user > from the tree that was just downloaded. > > Something along the lines of the above would completely remove the need to > keep unrelated code in base - and the need to keep it updated - , while > still allowing the end user to keep base and ports up to date. > > > Anton > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >