Re: CVS commit: pkgsrc/security/mozilla-rootcerts

To: Jonathan Perkin <jperkin%joyent.com@localhost>
Subject: Re: CVS commit: pkgsrc/security/mozilla-rootcerts
From: Greg Troxel <gdt%lexort.com@localhost>
Date: Fri, 27 Mar 2020 12:43:18 -0400

Greg Troxel <gdt%lexort.com@localhost> writes:

>> I don't want mozilla-rootcerts-openssl anywhere near my systems.  Even
>> in a best case scenario where a user is installing it instead of just
>> running the install script manually, there is still plenty that can go
>> wrong (think of an upgrade scenario where something goes awry part way
>> through and now their fetch and pkg_add commands are broken when
>> trying to fix things).
>
> That's your call of course.

I should say that I have always been very vocal that
mozilla-rootcerts-openssl should never be a dependency of any package,
and thus installed only on explicit administrator request.  My reasons
were primarily that I thought it unreasonable that installing some
random program should make trust anchor configuration changes, but your
point that you as administrator of some system are choosing to use the
install script directly instead of via the -openssl package is also a
good reason to object to mozilla-rootcerts-openssl being a dependency.

References:
- CVS commit: pkgsrc/security/mozilla-rootcerts
  - From: Greg Troxel
- Re: CVS commit: pkgsrc/security/mozilla-rootcerts
  - From: Jonathan Perkin
- Re: CVS commit: pkgsrc/security/mozilla-rootcerts
  - From: Greg Troxel
- Re: CVS commit: pkgsrc/security/mozilla-rootcerts
  - From: Jonathan Perkin
- Re: CVS commit: pkgsrc/security/mozilla-rootcerts
  - From: Greg Troxel

Prev by Date: CVS commit: pkgsrc/devel/monotone
Next by Date: Re: CVS commit: pkgsrc/security/mozilla-rootcerts
Previous by Thread: Re: CVS commit: pkgsrc/security/mozilla-rootcerts
Next by Thread: Re: CVS commit: pkgsrc/security/mozilla-rootcerts
Indexes:

Home | Main Index | Thread Index | Old Index