From owner-cvs-all@FreeBSD.ORG Tue Jan 30 01:07:02 2007 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A130716A401; Tue, 30 Jan 2007 01:07:02 +0000 (UTC) (envelope-from jason@wilma.widomaker.com) Received: from wilma.widomaker.com (ip204-238-183-243.east.widomaker.com [204.238.183.243]) by mx1.freebsd.org (Postfix) with ESMTP id F13F213C494; Tue, 30 Jan 2007 01:07:01 +0000 (UTC) (envelope-from jason@wilma.widomaker.com) Received: from wilma.widomaker.com (localhost [127.0.0.1]) by wilma.widomaker.com (8.13.8/8.13.6) with ESMTP id l0U0qn7O001127; Mon, 29 Jan 2007 19:52:49 -0500 (EST) (envelope-from jason@wilma.widomaker.com) Received: (from jason@localhost) by wilma.widomaker.com (8.13.8/8.13.6/Submit) id l0U0qiGY001126; Mon, 29 Jan 2007 19:52:44 -0500 (EST) (envelope-from jason) Date: Mon, 29 Jan 2007 19:52:42 -0500 From: Jason Harris To: Gabor Kovesdan Message-ID: <20070130005242.GA1059@wilma.widomaker.com> References: <200701291905.l0TJ57fG093002__13365.9557941884$1170098220$gmane$org@repoman.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="17pEHd4RhPHOinZp" Content-Disposition: inline In-Reply-To: <200701291905.l0TJ57fG093002__13365.9557941884$1170098220$gmane$org@repoman.freebsd.org> User-Agent: Mutt/1.4.2.1i Cc: cvs-ports@FreeBSD.org, Jason Harris , secteam@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/audio/gnump3d Makefile distinfo ports/devel/bglibs Makefile ports/devel/cppi Makefile ports/devel/cvsd Makefile ports/dns/walker Makefile distinfo ports/ftp/lftp Makefile distinfo ports/ftp/twoftpd Makefile ... X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jan 2007 01:07:02 -0000 --17pEHd4RhPHOinZp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jan 29, 2007 at 07:05:07PM +0000, Gabor Kovesdan wrote: > gabor 2007-01-29 19:05:07 UTC >=20 > FreeBSD ports repository >=20 > Modified files: > Log: > Remove USE_GPG from all effected ports. This knob is a no-op and the wa= y it > was supposed to work is useless, because if we can't trust the distfile= from > the remote machine, we can't trust the signature from the same machine = either. > Our MD5 and SHA256 are good for checking both the sanity and the > trustiness of distfiles. > =20 > Approved by: portmgr (erwin), erwin (mentor) Please revert this. =20 And, more importantly, please respect MAINTAINERs' wishes to make their ports more secure, by allowing the _automatic_ checking of GPG signatures as a first line of defense, rather than less secure. Thank you. (secteam@ CC'd, clearly portmgr(erwin)@ needs some sanity and "trustiness" checking (and balancing)). > Revision Changes Path > 1.47 +0 -4 ports/audio/gnump3d/Makefile > 1.25 +0 -3 ports/audio/gnump3d/distinfo > 1.29 +0 -2 ports/devel/bglibs/Makefile > 1.2 +0 -4 ports/devel/cppi/Makefile > 1.42 +0 -1 ports/devel/cvsd/Makefile > 1.14 +0 -4 ports/dns/walker/Makefile > 1.8 +0 -3 ports/dns/walker/distinfo > 1.115 +0 -4 ports/ftp/lftp/Makefile > 1.77 +0 -3 ports/ftp/lftp/distinfo > 1.16 +0 -2 ports/ftp/twoftpd/Makefile > 1.9 +0 -3 ports/ftp/twoftpd/distinfo > 1.45 +0 -2 ports/mail/maildrop/Makefile > 1.20 +0 -3 ports/mail/maildrop/distinfo > 1.19 +0 -2 ports/mail/mailfront/Makefile > 1.15 +0 -3 ports/mail/mailfront/distinfo > 1.9 +0 -2 ports/mail/qmail-autoresponder/Makefile > 1.5 +0 -3 ports/mail/qmail-autoresponder/distinfo > 1.5 +0 -2 ports/mail/qmail-qfilter/Makefile > 1.5 +0 -3 ports/mail/qmail-qfilter/distinfo > 1.7 +0 -1 ports/mail/t-prot/Makefile > 1.7 +0 -3 ports/mail/t-prot/distinfo > 1.25 +0 -1 ports/net/wol/Makefile > 1.6 +0 -3 ports/net/wol/distinfo > 1.18 +0 -2 ports/security/libgpg-error/Makefile > 1.9 +0 -3 ports/security/libgpg-error/distinfo > 1.41 +0 -2 ports/security/libprelude/Makefile > 1.22 +0 -2 ports/security/libpreludedb/Makefile > 1.38 +0 -4 ports/security/lsh/Makefile > 1.31 +0 -2 ports/security/prelude-lml/Makefile > 1.41 +0 -2 ports/security/prelude-manager/Makefile > 1.4 +1 -4 ports/security/sks/Makefile > 1.3 +0 -3 ports/security/sks/distinfo > 1.78 +0 -2 ports/security/snort/Makefile > 1.6 +0 -2 ports/security/snort_inline/Makefile > 1.13 +0 -4 ports/sysutils/coreutils/Makefile > 1.6 +0 -5 ports/sysutils/coreutils/distinfo > 1.41 +0 -5 ports/sysutils/less/Makefile > 1.20 +0 -5 ports/sysutils/less/distinfo > 1.41 +0 -4 ports/www/cadaver/Makefile > 1.16 +0 -3 ports/www/cadaver/distinfo > 1.116 +0 -5 ports/www/lynx/Makefile > 1.134 +0 -12 ports/www/lynx/distinfo --=20 Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? jharris@widomaker.com _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 --17pEHd4RhPHOinZp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iJ0EARECAF0FAkW+ltpWGGh0dHA6Ly9rZXlzZXJ2ZXIua2pzbC5jb206MTEzNzEv cGtzL2xvb2t1cD9vcD1nZXQmc2VhcmNoPTB4RDM5REEwRTMmd2VoYXZleW91bm93 PXRydWUACgkQSypIl9OdoOMSdwCgqFWu0ZubSnZI2OSab0D7zwRNg7wAoMOOoc+q qveWwgUimOF3/srB4MZw =zi5h -----END PGP SIGNATURE----- --17pEHd4RhPHOinZp--