Date: Mon, 15 Jun 2009 10:09:18 -0800 From: Mel Flynn <mel.flynn+fbsd.ports@mailing.thruhere.net> To: freebsd-ports@freebsd.org Cc: Boris Samorodov <bsam@ipt.ru>, Dominic Fandrey <kamikaze@bsdforen.de> Subject: Re: pkg_libchk: a missing library is not detected Message-ID: <200906151009.19181.mel.flynn%2Bfbsd.ports@mailing.thruhere.net> In-Reply-To: <4A36288D.2080402@bsdforen.de> References: <88733235@bb.ipt.ru> <4A36288D.2080402@bsdforen.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 15 June 2009 02:55:09 Dominic Fandrey wrote: > Sorry for the late reply, this was auto-sorted into the ports@ mails > and drowned there. > > Boris Samorodov wrote: > > As I understand pkg_upgrade does not preserve old libraries at > > /usr/local/lib/compat? > > That's true. I consider this common approach a security risk. It is a service interruption to delete libraries that are still used and this can also lead to security problems. However, pkg_upgrade cannot ever hope to fix this problem, because the buildservers do not unconditionally rebuild packages that mention the upgraded port in LIB_DEPENDS, therefore it is better to leave these shared libraries around. > To ensure that you get the newest packages wipe > /usr/ports/packages/All. Erm, the download time associated with that approach doesn't really speed up things, nor does it guarantee that you will have working binaries if the port maintainer forgot to version bump a port. -- Mel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906151009.19181.mel.flynn%2Bfbsd.ports>