From owner-freebsd-security Mon Feb 5 8:19:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id DE0BB37B401 for ; Mon, 5 Feb 2001 08:18:53 -0800 (PST) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14PoPI-0000KS-00; Mon, 05 Feb 2001 09:22:25 -0700 Message-ID: <3A7ED340.68D8BE62@softweyr.com> Date: Mon, 05 Feb 2001 09:22:24 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Roger Marquis Cc: security@FreeBSD.ORG Subject: Re: bind8.2.3 and installation problem References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Roger Marquis wrote: > > Wes Peters wrote: > > > Bind was written on BSD. What's the point of using a port to > > > upgrade it? All FreeBSD's bind port does is increase your chances > > > of errors, reduce your system's overall QA, and install duplicate > > > files in non-standard places. > > > > You completely and utterly fail to understand how the ports system works. > > What FreeBSD's bind port really does is decrease your chance of errors, > > increase your systems's overall QA, install all of the bind configuration > > and executable files in standard FreeBSD locations, track which files > > were installed and allow you to deinstall them simply, and provide a > > one-stop upgrade path. > > Wes, I believe you "utterly fail to understand" the level of quality > assurance in FreeBSD's ports collection. I understand it completely, having provided a few of them myself. There is no implied "audit" of ports, most of them are simply the attempt of the port maintainer to make the program compile and install easily under FreeBSD. > Certainly ports are vastly > better than Linux rpms but they have more than enough bugs to render > such blind faith ill-advised. > > Install bind first via ports and then via the bind-supplied Makefile. > You may find, as I did, that the port _increases_ your chances of No. > errors and _does_not_ install files in their original locations. Correct, it installs them in *FreeBSD standard* locations. I fail to see how this increases the chance of errors. > The only feature this particular port adds, when it works, is a > log under /var/db/pkg that's easier to parse than `make -n`. > > I've been big fan of ports since 2.0.5. They are, IMHO, FreeBSD's > best feature. However, that does not mean they should be trusted > like a Windows setup.exe. Oh, yeah, because windows setup.exe files never have bugs or virus attached, right? You have perverse idea of security. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message