Date: Fri, 18 Dec 2009 06:21:27 -0600 From: Mark Linimon <linimon@lonesome.com> To: Dominic Fandrey <kamikaze@bsdforen.de> Cc: freebsd-ports@freebsd.org Subject: Re: ioquake3 support more platforms Message-ID: <20091218122126.GB1954@lonesome.com> In-Reply-To: <4B2B681A.1090908@bsdforen.de> References: <4B2A52DB.5020602@bsdforen.de> <20091218065728.GC29158@lonesome.com> <4B2B681A.1090908@bsdforen.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Dec 18, 2009 at 12:31:38PM +0100, Dominic Fandrey wrote: > But that's not different for any port. E.g. sysutils/bsdadminscripts is > all mine, I create the distfiles and maintain the port, their is no > guarantee that I don't do evil apart from me being quite certain that > I don't. Sure there is. That's why we have ports committers. They are supposed to audit the changes to the port to make sure that the changes are safe. In particular, I expect that they check that the changes are not so extensive that they indicate the distributing system has been hacked. > Why can one assume that an ioquake release is safe? One really cannot. > It's made by the same people who maintain the non-trustworthy SVN. There's no such check as the above possible with checkouts from a source control system. You get whatever is on that box at time T. > Also it's a -devel port. That kinda screams "At your own risk" right > into your face. And NO_PACKAGES would further guarantee it. mcl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091218122126.GB1954>