/usr/portsnap vs. /var/db/portsnap

Stijn Hoop stijn at win.tue.nl
Sun Aug 7 21:46:20 GMT 2005


On Sun, Aug 07, 2005 at 09:11:31AM -0700, Colin Percival wrote:
> Stijn Hoop wrote:
> > On Sun, Aug 07, 2005 at 07:23:28AM -0700, Colin Percival wrote:
> >>Those don't belong in src, but I could put them into the projects repo
> >>if people really want them.
> > 
> > Not that I am going to do any such thing, but why prevent people from
> > providing their own binaries? Maybe they want to distribute their own
> > ports tree to an internal cluster using portsnap
> 
> Two reasons come to mind: First, the portsnap chain of security starts
> with running cvsup to cvsup-master through a tunnel to freefall... a
> non-committer wouldn't be able to do that.

OK, I'm still arguing in the hypothetical case, but why is it insecure
then to redistribute a copy of a portsnap'd ports tree + local patches?

> Second, it would be far more
> efficient for this hypothetical user to keep their modifications as a
> local set of patches which were applied post-portsnap on individual
> machines.

That might very well be true.

In any case, this is all hypothetical.  All that _I_ am going to do is
checkout the portsnap client when it hits the base system. So no more
devil's advocate for me.

And last but certainly not least: thank you for sharing your software
in the first place!

--Stijn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20050807/79c5c12b/attachment.bin


More information about the freebsd-arch mailing list