Date: Tue, 19 Mar 2002 12:11:29 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Guy Helmer <ghelmer@palisadesys.com> Cc: "David W. Chapman Jr." <dwcjr@inethouston.net>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/secure/usr.sbin/sshd Makefile Message-ID: <20020319121129.A2791@xor.obsecurity.org> In-Reply-To: <Pine.LNX.4.33.0203191253290.12151-100000@magellan.palisadesys.com>; from ghelmer@palisadesys.com on Tue, Mar 19, 2002 at 01:05:32PM -0600 References: <014901c1cf76$776b0f00$d800a8c0@dwcjr> <Pine.LNX.4.33.0203191253290.12151-100000@magellan.palisadesys.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--6TrnltStXW4iwmi0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 19, 2002 at 01:05:32PM -0600, Guy Helmer wrote: > > Basically the portable would require less hacking to run on freebsd. T= hey > > are Both from OpenBSD so there shouldn't be any disadvantage. >=20 > The "portable" openssh contains extra code to support other non-BSD O/S's. > To me, this implies the portable openssh contains code we don't need and > it may have security implications. I see this as a disadvantage. On the contrary, all the code "we don't need" is not actually compiled on FreeBSD. OpenBSD have in practise refused to accept patches from FreeBSD (including bugfixes due to differences in FreeBSD behaviour), unless they're also bugs in the OpenBSD version. Therefore the maintenance burden is on the person doing the vendor imports, and it gets increasingly harder over time as the divergence increases. This is the main reason for the delays in updating OpenSSH in FreeBSD. The big advantage to openssh-portable is that they will actually accept portability patches, partly offloading maintenance of those patches onto them. I think we should switch over ASAP, and we'll benefit significantly in the long run. Kris --6TrnltStXW4iwmi0 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8l5twWry0BWjoQKURAqY2AJ9DLf1bNGpuBWg2V8DdXOjcdIMP6gCgxKVf 9GIS6rlghlIkfN7Mml8S2Sw= =pVSh -----END PGP SIGNATURE----- --6TrnltStXW4iwmi0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020319121129.A2791>