Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 May 2002 08:44:03 +0400
From:      "Andrey A. Chernov" <ache@nagual.pp.ru>
To:        Pete Fritchman <petef@databits.net>
Cc:        Kris Kennaway <kris@obsecurity.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: ports/security/drweb Makefile distinfo ports/security/drweb/files patch-aa patch-ab
Message-ID:  <20020522044401.GA93258@nagual.pp.ru>
In-Reply-To: <20020522003245.F579@databits.net>
References:  <200205211516.g4LFGeo82331@freefall.freebsd.org> <20020521151814.F31955@xor.obsecurity.org> <20020521235911.GA91185@nagual.pp.ru> <20020521173029.A36618@xor.obsecurity.org> <20020522021445.GA92135@nagual.pp.ru> <20020522003245.F579@databits.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, May 22, 2002 at 00:32:45 -0400, Pete Fritchman wrote:
> 
> You think the security officers is going to look at *EVERY* change
> themselves?  As a porter, you should *care* if your port is secure...

I mean local security officer which is interested in application in
question. Porter should not care about how distfile is secure (maybe you
suggest to control developers directly on their site too?), porter does
FreeBSD-related tuning.

I just explain whole picture in my message with subject "My position on 
commiters guide 10.4.4" posted to ports@ (among others), please look 
there.

> So, next time could you just say "the binary daemon changed [a minor
> change to <whatever>], the default configs were updated, *.{o,a} files
> were removed."

This changes I notice during porting task. I can't guarantee that it is 
complete picture of changes and some file not changed in malicious way by 
a hacker.

> Reading a diff really isn't that hard...

It _very_ depends on ports size / amount of files.

Why to do things which is not neccessary for tuning application for 
FreeBSD? Why to do them in the "half way" which not guaranees anything? 
Why try to understand things belong to developers?

BTW, this is not most annoying requirement of 10.4.4, look at
contacting developers requirement.

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020522044401.GA93258>