Date: Fri, 9 Sep 2011 00:49:04 -0700 From: Greg Byshenk <freebsd@byshenk.net> To: Erik Trulsson <ertr1013@student.uu.se> Cc: freebsd-ports@freebsd.org, Matthias Andree <mandree@freebsd.org> Subject: Re: sysutils/cfs Message-ID: <20110909074904.GI13219@portland.byshenk.net> In-Reply-To: <20110909052751.GB5505@owl.midgard.homeip.net> References: <4E651DCF.30605@FreeBSD.org> <201109052146.p85Lkous037023@fire.js.berklix.net> <CADLo838dMd5=TjRF5ffiaPH7o0%2BpeWgaqbQqEfDb3EP-n4ec8A@mail.gmail.com> <4E67935C.6080702@aldan.algebra.com> <CADLo838QkAjq2jPXy_c5MTYW09tZJMvWTNndo3Pnfa3=1c-5Og@mail.gmail.com> <4E68AC85.4060705@icritical.com> <4E68F34C.6090504@FreeBSD.org> <20110909052751.GB5505@owl.midgard.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Sep 09, 2011 at 07:27:51AM +0200, Erik Trulsson wrote: > On Thu, Sep 08, 2011 at 06:54:36PM +0200, Matthias Andree wrote: > > Am 08.09.2011 13:52, schrieb Matt Burke: > > > Changing to a hypothetical example, why would an Apache vulnerability in > > > mod_rewrite in the least bit bother a person who doesn't have the module > > > enabled, which I believe is the standard configuration? Would you prefer > > > Apache be deleted from ports if it took longer than expected to fix it? > > > > That wouldn't happen anyways because the package is actively maintained, > > unlike many of the ports the discussion is about. > > You (and others) place *far* too much emphasis on a piece of software > being "maintained" > > > What the current FreeBSD policy of actively deleting perfectly usable ports > > > instead of putting a mild hurdle in the way is saying, is that FreeBSD will > > > stop me doing what I may want to do because FreeBSD knows best. > > > > The port isn't perfectly usable (because that would mean it's usable in > > all circumstances for all advertised purposes, which is explicitly not > > the case in the light of known vulnerabilities). > > In which case just about no port is 'perfectly usable' since almost all > non-trivial software contains bugs - at least some of which are not > documented, meaning that it isn't usable in *all* circumstances for > *all* advertised purposes. I can't necessarily speak for everyone, but I suspect that this is why 'being "maintained"' is seen as important. All software has bugs; what is important is that they are fixed as they are discovered, rather than being left to rot. -- greg byshenk - gbyshenk@byshenk.net - Leiden, NL
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110909074904.GI13219>