From owner-cvs-all Wed Jul 26 17:18:40 2000 Delivered-To: cvs-all@freebsd.org Received: from mailhost.netbenefit.co.uk (mailhost.netbenefit.co.uk [212.53.64.39]) by hub.freebsd.org (Postfix) with ESMTP id 11E5B37BCC2; Wed, 26 Jul 2000 17:18:29 -0700 (PDT) (envelope-from pierre.dampure@alveley.org) Received: from usereu70.uk.uudial.com ([62.188.17.154] helo=alveley.org) by mailhost.netbenefit.co.uk with esmtp (NetBenefit 1.5) id 13HakZ-0002g6-00 ; Thu, 27 Jul 2000 00:38:07 +0100 Message-ID: <397F7658.5E375FDC@alveley.org> Date: Thu, 27 Jul 2000 00:38:00 +0100 From: "Dampure, Pierre Y." X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en MIME-Version: 1.0 To: Warner Losh Cc: Marcel Moolenaar , "Andrey A. Chernov" , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc Makefile src/include Makefile src/release Makefile src/release/picobsd/build Makefile.mfs src/release/picobsd/custom Makefile.mfs src/release/picobsd/dial Makefile.mfs src/release/picobsd/install Makefile.mfs References: <397F297E.2E7D6C37@cup.hp.com> <20000726211733.B50294@nagual.pp.ru> <200007252213.PAA34677@netplex.com.au> <10733.964597601@localhost> <200007261456.IAA11238@nomad.yogotech.com> <20000726125721.Z51462@jade.chc-chimes.com> <200007261659.KAA11807@nomad.yogotech.com> <397F1B6F.46320037@cup.hp.com> <200007261738.LAA30792@harmony.village.org> <200007262029.OAA32129@harmony.village.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Warner Losh wrote: > > In message <397F297E.2E7D6C37@cup.hp.com> Marcel Moolenaar writes: > : I can remember, fuzzy though, that my OS at that time, NetBSD IIRC, had > : exactly that. It did a daily scan over the disk to report any mismatches > : on MODs and ownership. I don't know the details anymore and am probably > : mistaken... > > OpenBSD does this as well. It looks like they do two different crypto > hashes on the binaries as well as looking for simple permissions > problems. I might be completely out of order here but, as demonstrated by the recent (and now corrected) breakage in bsd.ports.mk, we CAN control the behaviour of mtree at install time via something like MTREE_ARGS. So, if we think that -L is better at install time due to what was discussed at length on these lists, we just DO NOT make -L the default, but set the corresponding MTREE_ARGS at install time. Andrey gets what he thinks is most secure, the compatibility issue is sorted (if it really existed in the first place), and everyone's happy... Regards, PYD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message