Date: Fri, 03 Feb 2017 23:19:19 -0500 From: "Garance A Drosehn" <drosih@rpi.edu> To: heasley <heas@shrubbery.net> Cc: freebsd-security@freebsd.org Subject: Re: fbsd11 & sshv1 Message-ID: <54709047-AA32-47F2-8B2A-25524A2C2669@rpi.edu> In-Reply-To: <20170203170452.GA40078@shrubbery.net> References: <20170127173016.GF12175@shrubbery.net> <867f5c66yr.fsf@desk.des.no> <20170130195226.GD73060@shrubbery.net> <867f5bfmde.fsf@desk.des.no> <20170131201722.GH11924@shrubbery.net> <86y3xqdxox.fsf@desk.des.no> <20170203005331.GG8381@shrubbery.net> <20170203143417.C33334@sola.nimnet.asn.au> <20170203170452.GA40078@shrubbery.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3 Feb 2017, at 12:04, heasley wrote: > Fri, Feb 03, 2017 at 03:13:44PM +1100, Ian Smith: >> Nobody 'forbids' you from making such a port, for your own use and/or >> for others. See Peter Jeremy's suggestion re where it might be placed >> and what sort of dire warnings it ought to announce; I expect SO and >> ports secteam would insist on nothing less. >> >> This differs from expecting|demanding|hoping somebody ELSE should do it. > > i've already explained why I think we (as in those needing it) building > our own is a worse security approach. Its also a bit silly for all > those folks to do it themselves; for the same reason that there are > binary ports. It is a perfectly reasonable idea to have a "net/ssh1" port in the official FreeBSD port collection, along the lines as Peter Jeremy suggested. We're not saying that each user should be forced to create their own. But if there is an official port in the FreeBSD ports collection, then it needs to be maintained by someone who actually cares about 'ssh1'. For instance, I suspect I could *create* such a port, but there is absolutely nothing that I (personally) need 'ssh1' for. Therefore I would never *use* the port, which means that the port would not really be supported. This isn't a good result for anyone. Even though you might *think* you're happy with the initial port, you might be pretty upset if it breaks after one month and I tell you that I have no time to fix it. At that point you'll be mad at me, personally, and I'm not likely to be happy with you, either. That's what we'd like to avoid. -- Garance Alistair Drosehn = drosih@rpi.edu Senior Systems Programmer or gad@FreeBSD.org Rensselaer Polytechnic Institute; Troy, NY; USA
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54709047-AA32-47F2-8B2A-25524A2C2669>