Subject: Re: binary packages with vulnerabilities removed from ftp - a bad idea?
To: Matthias Buelow <firstname.lastname@example.org>
From: Geert Hendrickx <email@example.com>
Date: 01/31/2005 11:23:06
On Sun, Jan 30, 2005 at 05:11:36AM +0100, Matthias Buelow wrote:
> Geert Hendrickx wrote:
> >Of course I don't want to encourage the use of vulnerable, outdated
> >packages, but I think that, when NetBSD and pkgsrc offer a (great!)
> >framework for source and binary packages, it should *work*. New users
> >should then only be taught to invoke audit-packages after a pkg_add, or
> >even better: pkg_add should invoke audit-packages automatically.
> maybe move the problematic package files into a seperate, distinctive
> directory reserved for packages with security bugs, and have the pkg_add
> mechanism issue a comprehensible warning about that, including that they
> have been relocated, and why that has been done so (a standard message
> would probably suffice here). then the user can manually add these
> problematic packages from that directory, if he wants to.
Hm, I would prefer that pkg_add Just Does The Job, and doesn't stop at
each and every package with a known vuln. If the user types "pkg_add
kde", he wants kde to be installed, at once, and not have to enter "yes"
ten times for that (which is what he would do anyway). pkg_add should
just invoke audit-packages when it's done, so the user gets warned that
the current version has a known vulnerability (fixed or not).
This way also requires the least manual intervention of the ftp
maintainers. Just upload a new package when a fix is in pkgsrc.