Date: Sat, 12 Apr 2014 09:55:05 +0800
From: Julian Elischer <julian@freebsd.org>
To: Anton Afanasyev <aasoft@gmail.com>, Matthew Rezny <matthew@reztek.cz>
Cc: freebsd-hackers@freebsd.org
Subject: Re: MITM attacks against portsnap and freebsd-update
Message-ID: <53489CF9.70600@freebsd.org>
In-Reply-To: <CAEAhP2iV_ze2ogrw9KJqLEwEzKP%2BpNh9km9kA-jrLwXk7G7rHQ@mail.gmail.com>
References: <CAHAXwYCGkP-o0VvMXj5S8-KNA45aTvy%2BsrjDL_=8-x9Dza5z5Q@mail.gmail.com>
 <2012148.SzKMgBGQYg@desktop.reztek>
 <CAEAhP2iV_ze2ogrw9KJqLEwEzKP%2BpNh9km9kA-jrLwXk7G7rHQ@mail.gmail.com>

On 4/12/14, 5:20 AM, Anton Afanasyev wrote:
> On Fri, Apr 11, 2014 at 11:04 AM, Matthew Rezny <matthew@reztek.cz> wrote:
>
>> The biggest effort would be adding rsync to base, but being that we have
>> svn(lite) in base it should not be a big deal to add rsync.
>>
> I may be too naive and/or just not understand things as well as those who
> do move code into base, so excuse my ignorance, but why was svnlite moved
> into base, and why even consider moving rsync into base?
> Sure, it is nice if the base includes everything needed to allow
> development of it; it is also a must to be able to update and build your
> ports. But why include tools that do this, rather than a bootstrap for
> installing those tools?

Because historically, a base FreeBSD distribution is all you need to
rebuild a base FreeBSD system from "CHECKED IN SOURCES". Lots of people
have their environments set up assuming this is true (me included).
It's also a worry about whether one has the right version of SVN or
whether you need some special version (we did at one stage)... this
takes all the questions out of it.
I know .. Git-lovers are upset..

> For developing and updating base, why not include a script that fetches a
> (sufficiently fresh) snapshot of the ports tree and let the user decide
> whether they want to use svn or any other port to update their sources? If
> it is deemed too large a download (a valid concern) - download only svn and
> its dependencies, possibly even to a ports tree rooted in a location
> different from /usr/ports, and build svn from that.
> For keeping ports up to date, why not include a script that fetches a
> (sufficiently fresh) copy of the ports tree and tell the user that the
> preferred method to update is rsync; heck, create a port that uses rsync to
> do what Matthew described above, and /offer/ to install it for the user
> from the tree that was just downloaded.
>
> Something along the lines of the above would completely remove the need to
> keep unrelated code in base - and the need to keep it updated - , while
> still allowing the end user to keep base and ports up to date.
>
>
> Anton
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
>