From owner-freebsd-current@freebsd.org  Mon May 27 14:46:13 2019
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 119291598999;
 Mon, 27 May 2019 14:46:13 +0000 (UTC)
 (envelope-from rainer@ultra-secure.de)
Received: from connect.ultra-secure.de (connect.ultra-secure.de
 [88.198.71.201])
 by mx1.freebsd.org (Postfix) with ESMTP id 2BDBD6FEBC;
 Mon, 27 May 2019 14:46:10 +0000 (UTC)
 (envelope-from rainer@ultra-secure.de)
Received: (Haraka outbound); Mon, 27 May 2019 16:46:03 +0200
Received-SPF: None (connect.ultra-secure.de: domain of ultra-secure.de does
 not designate 127.0.0.10 as permitted sender)
 receiver=connect.ultra-secure.de; identity=mailfrom; client-ip=127.0.0.10;
 helo=connect.ultra-secure.de; envelope-from=<rainer@ultra-secure.de>
Received: from connect.ultra-secure.de (webmail [127.0.0.10])
 by connect.ultra-secure.de (Haraka/2.6.2-toaster) with ESMTPSA id
 FE9800B2-D7D5-4E05-BC6B-629B6799BC0F.1
 envelope-from <rainer@ultra-secure.de> (authenticated bits=0)
 (version=TLSv1/SSLv3 cipher=AES256-SHA verify=NO);
 Mon, 27 May 2019 16:46:00 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
Date: Mon, 27 May 2019 16:46:00 +0200
From: rainer@ultra-secure.de
To: voidanix@420blaze.it
Cc: freebsd-current@freebsd.org, owner-freebsd-current@freebsd.org
Subject: Re: Disabling COMPAT_FREEBSD4/5/6/7/9 as a default kernel option
In-Reply-To: <ff7bfe10b7953d066e0f087b8d422b89@420blaze.it>
References: <ff7bfe10b7953d066e0f087b8d422b89@420blaze.it>
Message-ID: <eaaf7d3d03dbbee0bebd2769d25fcd54@ultra-secure.de>
X-Sender: rainer@ultra-secure.de
User-Agent: Roundcube Webmail/1.2.0
X-Haraka-GeoIP: --, , NaNkm
X-Haraka-GeoIP-Received: 
X-Haraka-p0f: os="undefined undefined" link_type="undefined"
 distance=undefined total_conn=undefined shared_ip=Y
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on spamassassin
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED, BAYES_00,
 SPF_NONE, 
 URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.1
X-Haraka-Karma: score: 6, good: 941, bad: 0, connections: 947, history: 941,
 pass:all_good, relaying
X-Rspamd-Queue-Id: 2BDBD6FEBC
X-Spamd-Bar: /
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [0.56 / 15.00]; ARC_NA(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.69)[-0.690,0];
 RCPT_COUNT_THREE(0.00)[3]; NEURAL_SPAM_SHORT(0.26)[0.258,0];
 MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[];
 DMARC_NA(0.00)[ultra-secure.de]; AUTH_NA(1.00)[];
 RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 MX_GOOD(-0.01)[connect.ultra-secure.de];
 NEURAL_SPAM_LONG(0.15)[0.152,0]; FROM_NO_DN(0.00)[];
 R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[];
 FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:24940, ipnet:88.198.0.0/16, country:DE];
 MID_RHS_MATCH_FROM(0.00)[];
 IP_SCORE(-0.15)[ipnet: 88.198.0.0/16(1.00), asn: 24940(-1.75),
 country: DE(-0.00)]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 27 May 2019 14:46:13 -0000

Am 2019-05-27 15:55, schrieb voidanix@420blaze.it:
> Hello,
> I wanted to discuss about bug 231768 a bit: it is about keeping
> COMPAT_FREEBSD4/5/6/7/9 on by default in the kernel configs.
> 
> The patch attached for the bug is for disabling these options by
> default, following a few reasons which I'm going to list here:
>     - Keeping support for deprecated libraries isn't exactly the best
> we could do to avoid security issues (if there are any) as I'm sure
> nobody wants to spend that much time maintaining such stuff (it's
> enough to think about misc/compat4x in the ports tree: that version of
> FreeBSD was released on March 2000 and keeping 19 years old libraries
> around isn't ideal)
>     - Devs should get track of time and realize that developing
> software using unsupported libraries is NOT something that you should
> do
>     - Only a tiny fraction of the ports need COMPAT_FREEBSD9 or older:
> if the software won't compile without the legacy components (and has a
> replacement of some kind), considering removal wouldn't be a bad idea
>     - This is on by default: most users don't care or don't use
> binaries that old
> 
> I don't see any practical reason to keep these options on by default,
> but I do appreciate any sort of input regarding this issue.


I have a 32bit FreeBSD 6 binary that I'll need for a bit until the 
department who is technically responsible for the service gets around 
redoing that service.