sysutils/cfs

[Matt Burke]

On 09/07/11 17:04, Chris Rees wrote:

>> The /new/ policy of removing ports for much lighter offenses, such as
> having vulnerabilities, has already caused so many objections, that it is
> time to abolish it.
> 
> I consider the argument here dead; portmgr is reviewing the policy as Erwin
> has said.
> 
> However... I find it deeply troubling that you consider buildability more
> important than security fixes. Are you actually serious?

Changing to a hypothetical example, why would an Apache vulnerability in
mod_rewrite in the least bit bother a person who doesn't have the module
enabled, which I believe is the standard configuration? Would you prefer
Apache be deleted from ports if it took longer than expected to fix it?

I've still got non-networked FreeBSD 4.x laptops running with a version of
Minicom that for a year or so was FORBIDDEN because it had a local root
vulnerability. What's so wrong about that? I'm glad the port wasn't deleted
because I still install and use Minicom today.


What the current FreeBSD policy of actively deleting perfectly usable ports
instead of putting a mild hurdle in the way is saying, is that FreeBSD will
stop me doing what I may want to do because FreeBSD knows best.

I want machines, tools, to do as *I* say not the other way round, whether
it's good for me or not. If I wanted nannying and interference, I'd install
Ubuntu.