tech-pkg archive


Re: Improving security for pkgsrc



Hi tech-pkg@,

On 07/28/15 19:44, David Holland wrote:
> On Sun, Jul 26, 2015 at 01:07:22AM +0200, Pierre Pronchery wrote:
>>> Generally, we declare each variable to be user-settable in
>>> mk.conf or pkg-settable in Makefile, and never both.  See the
>>> FETCH_USING flamage...
>> 
>> Good point; I do think here it really makes sense to support
>> both though, just like in NetBSD's base system.
> 
> NetBSD's base system does not support "both" in the sense of a 
> variable that's both user-settable and build-system-settable.
> That's why base has both MKFOO and USE_FOO settings.

So MK... is for the build system, and USE_... is for the user?

This was never clear to me. Just look at mk.conf(5), it seems to be
aimed at the user, and the variables there are MKATF, MKBINUTILS,
MKBSDTAR etc, which "can be set ... or ...". This clearly looks like
user settings.

What is the difference then?

>> And even then, packages could set "PKGSRC_USE_SSP?=yes" and then
>> the global setting would take precedence always if set
>> explicitly.
> 
> Then you can't limit configuring it to yes to packages where it's
> been tested and found to work.

Why not? That's what NetBSD's base system does. Programs and libraries
build without SSP by default, and those which were considered
sensitive (exposed to remote users or data) build with SSP by default.
How is that different?

>> b) My personal take on this is: - it finds bugs (which is a
>> good thing) - breaking is fail-safe (likewise)
> 
> ...it will likely break too many things to be anything other than
> an explicit setting for the near to middle future.

Instead of
"likely break" "too many things" "near to middle future"...
...can't we just go ahead and break them *now*? This flag *finds*
bugs, the most vicious kind, which will randomly corrupt memory and
possibly bite you at any seemingly unrelated point in the future.

Why can't we just do it?

Cheers,
-- 
khorben
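
The precedence argued over in this message, as an added example that is not part of the original mail or of pkgsrc itself: a shell script that generates a throwaway mk.conf and package Makefile and asks make(1) what PKGSRC_USE_SSP ends up as. The file layout, the include order and the global fallback of "no" are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed model of the precedence under discussion; NOT pkgsrc's real mk/ files.
# Needs a make(1) in PATH; uses only syntax shared by bmake and GNU make.

# ssp_effective USER_SETTING PKG_DEFAULT
#   USER_SETTING: value the user put in mk.conf ("" = not set)
#   PKG_DEFAULT:  value the package Makefile sets with ?= ("" = no opinion)
# Prints the value of PKGSRC_USE_SSP that the build would see.
ssp_effective() {
    dir=$(mktemp -d) || return 1
    : > "$dir/mk.conf"
    if [ -n "$1" ]; then
        echo "PKGSRC_USE_SSP= $1" > "$dir/mk.conf"
    fi
    {
        echo "include $dir/mk.conf"          # user settings are read first
        if [ -n "$2" ]; then
            echo "PKGSRC_USE_SSP?= $2"       # package default, only if still unset
        fi
        echo "PKGSRC_USE_SSP?= no"           # hypothetical global fallback
        echo "show:"
        printf '\t@echo $(PKGSRC_USE_SSP)\n'
    } > "$dir/Makefile"
    make -s -f "$dir/Makefile" show
    rc=$?
    rm -rf "$dir"
    return $rc
}

# Print the full matrix: every user setting against a package with and
# without its own "?= yes" default.
demo() {
    for user in "" yes no; do
        for pkg in "" yes; do
            printf 'mk.conf=%-5s package=%-5s -> %s\n' \
                "${user:-unset}" "${pkg:-unset}" "$(ssp_effective "$user" "$pkg")"
        done
    done
}

demo
```

The rows with mk.conf=yes show the objection quoted above: an explicit user "yes" also reaches packages that never opted in. The rows with mk.conf unset show the per-package default taking effect on its own.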


