Re: security/ca-certificates

[nia <nia%NetBSD.org@localhost>]

On Fri, Jun 10, 2022 at 08:36:02AM -0400, Greg Troxel wrote:
> > Certainly these packages should not be used on non-NetBSD platforms
> > and they should be tightly restricted with ONLY_FOR_PLATFORM and
> > probably some other checks about what exactly they might be
> > installing to, or overwriting.
> 
> I wouldn't say "NetBSD only" (how do people deal with trust anchors on
> IRIX?) but agreed that they should be careful enough not to do wrong
> things on other platforms.

That's not the source of my objection. mozilla-rootcerts
can be happily used to install trust anchors on anything.

The problem is the packages where installation has side-effects -
we don't know how they might clobber things.

> I am trying to separate:
> 
>   - A) package touches things outside of PREFIX so it needs review for
>     doing so in a sane way, probably meeting standards of disclosures,
>     and no other package is allowed to depend on it.  As part of this we
>     might require packages like this to be split into the one that
>     munges outside, and one that just installs within prefix.
> 
>   - B) we have one and people don't like the other one
> 
> To me the second point doesn't fit with pkgsrc, where users having
> choices is normal.  And that means "we can't add Y via A because for
> this purpose X is ok" doesn't seem reasonable.