Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
From: "Dr. Thomas Orgis" <thomas.orgis%uni-hamburg.de@localhost>
Date: Sat, 3 Apr 2021 18:44:28 +0200

Am Sat, 03 Apr 2021 12:22:46 -0400
schrieb Greg Troxel <gdt%lexort.com@localhost>: 

> I meant to ImageMagick.  You are basically asserting that it's a bug in
> ImageMagick that ghostscript is not turned off in the installed policy
> file.

> It seems clear that fundamentally upstream ImageMagick thinks their
> default config is right and you (and probably others) think their
> default is not right.

Big misunderstanding here. I am _not_ advocating for adding rules to
policy.xml, rather for relaxing them.

1. Pkgsrc currently does include the patch that sets "none" for gs
   stuff.
2. My suggestion is to at least reduce that to "write".
3. Dropping it wholesale would be fine by me!

If you argue that pkgsrc should just use the upstream default, I am all
for that! Let's just drop the while policy patch, then. 

> I don't want to say that pkgsrc should never make changes on
> security grounds, just that in doing so I see us as fixing a bug in
> upstream, and our norms call for filing that fix upstream.

There's a question to ask the past where this change was added to
pkgsrc;-)

> Your declaration of "defaults don't work" and "if you want to use pkgsrc
> you must set this" is a mischaracterization.  There are multiple people
> with multiple requirements, and "work" when uttered by someone often
> means "meets *my* requirements".

Yes, you are right. My harsh words relate to ghostscript being a core
component of desktop and some server systems, without any alternative
known to me (hm, maybe some functionality can be forced from TeX tools
instead). This issue only occured to me now because I wanted to build
netbsd-www for another development machine to work on htdocs. It was a
bit distressing that this promptly failed. It just felt strange that
NetBSD project tooling is incompatible with the default license
settings. Maybe you want to drop ImageMagick+ghostscript from the
dependencies of netbsd-www;-)

> This is not documented in the guide as well as it should be

I struggle with the gaps in the documentation quite regularly … asking
on IRC gives me a lot of answers that I don't find in the docs.


Alrighty then,

Thomas

-- 
Dr. Thomas Orgis
HPC @ Universität Hamburg

Follow-Ups:
- Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
  - From: Greg Troxel

References:
- misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
  - From: Dr. Thomas Orgis
- Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
  - From: Greg Troxel
- Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
  - From: Dr. Thomas Orgis
- Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
  - From: Greg Troxel

Prev by Date: Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
Next by Date: Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
Previous by Thread: Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
Next by Thread: Re: misguided ImageMagick polixy.xml settings regarding PS/PDF and ignorance about other problematic coders
Indexes:

Home | Main Index | Thread Index | Old Index