tech-pkg archive


Re: Improving security for pkgsrc

On Sun, Jul 26, 2015 at 01:07:22AM +0200, Pierre Pronchery wrote:
 > > Generally, we declare each variable to be user-settable in mk.conf
 > > or pkg-settable in Makefile, and never both.  See the FETCH_USING 
 > > flamage...
 > Good point; I do think here it really makes sense to support both
 > though, just like in NetBSD's base system.

NetBSD's base system does not support "both" in the sense of a
variable that's both user-settable and build-system-settable. That's
why base has both MKFOO and USE_FOO settings.

 > And even then, packages
 > could set "PKGSRC_USE_SSP?=yes" and then the global setting would take
 > precedence always if set explicitly.

Then you can't limit configuring it to yes to packages where it's been
tested and found to work.

 > b) My personal take on this is:
 > - - it finds bugs (which is a good thing)
 > - - breaking is fail-safe (likewise)

will likely break too many things to be anything other than an
explicit setting for the near to middle future.

David A. Holland
