Subject: Re: Proposed audit-packages changes
To: Johnny C. Lam <firstname.lastname@example.org>
From: Todd Vierling <email@example.com>
Date: 11/22/2005 11:04:29
On Tue, 22 Nov 2005, Johnny C. Lam wrote:
> This last change is possibly controversial new behavior because it
> matches neither the old nor the current behavior:
> * "CHECK_VULNERABILITIES" defaults to "yes" only if the audit-packages
> script can be found; otherwise, it defaults to "no". The purpose
> of this change is to not force audit-packages to be installed.
> The old behavior was that vulnerability checks were performed regardless
> of whether audit-packages was installed or not. This was due to the
> standalone implementation of the auditing code in the old
> "check-vulnerable" target. The current behavior is that audit-packages
> must be installed for pkgsrc to work, which again forces the vulnerability
> checks to be performed. The proposed behavior is that we only perform
> the checks if we can actually do so. This can be considered a weakening
> of the security of pkgsrc, so we may not want to do this.
audit-packages is an unreasonable forced dependency, so whatever behavior
you choose, the default must not require its presence. This is not a
"weakening", because this was already the prior behavior of pkgsrc.
-- Todd Vierling <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org>