Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 03 Feb 2017 23:19:19 -0500
From:      "Garance A Drosehn" <drosih@rpi.edu>
To:        heasley <heas@shrubbery.net>
Cc:        freebsd-security@freebsd.org
Subject:   Re: fbsd11 & sshv1
Message-ID:  <54709047-AA32-47F2-8B2A-25524A2C2669@rpi.edu>
In-Reply-To: <20170203170452.GA40078@shrubbery.net>
References:  <20170127173016.GF12175@shrubbery.net> <867f5c66yr.fsf@desk.des.no> <20170130195226.GD73060@shrubbery.net> <867f5bfmde.fsf@desk.des.no> <20170131201722.GH11924@shrubbery.net> <86y3xqdxox.fsf@desk.des.no> <20170203005331.GG8381@shrubbery.net> <20170203143417.C33334@sola.nimnet.asn.au> <20170203170452.GA40078@shrubbery.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On 3 Feb 2017, at 12:04, heasley wrote:

> Fri, Feb 03, 2017 at 03:13:44PM +1100, Ian Smith:
>> Nobody 'forbids' you from making such a port, for your own use and/or
>> for others.  See Peter Jeremy's suggestion re where it might be placed
>> and what sort of dire warnings it ought to announce; I expect SO and
>> ports secteam would insist on nothing less.
>>
>> This differs from expecting|demanding|hoping somebody ELSE should do it.
>
> i've already explained why I think we (as in those needing it) building
> our own is a worse security approach.  Its also a bit silly for all
> those folks to do it themselves; for the same reason that there are
> binary ports.

It is a perfectly reasonable idea to have a "net/ssh1" port in the
official FreeBSD port collection, along the lines as Peter Jeremy
suggested.  We're not saying that each user should be forced to
create their own.

But if there is an official port in the FreeBSD ports collection, then
it needs to be maintained by someone who actually cares about 'ssh1'.

For instance, I suspect I could *create* such a port, but there is
absolutely nothing that I (personally) need 'ssh1' for.  Therefore I
would never *use* the port, which means that the port would not really
be supported.  This isn't a good result for anyone.  Even though you
might *think* you're happy with the initial port, you might be pretty
upset if it breaks after one month and I tell you that I have no time
to fix it.  At that point you'll be mad at me, personally, and I'm not
likely to be happy with you, either.  That's what we'd like to avoid.

-- 
Garance Alistair Drosehn                =     drosih@rpi.edu
Senior Systems Programmer               or   gad@FreeBSD.org
Rensselaer Polytechnic Institute;             Troy, NY;  USA



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54709047-AA32-47F2-8B2A-25524A2C2669>