tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [Christos Zoulas] CVS commit: src/usr.bin/ftp

On Fri, Sep 02, 2022 at 06:23:48PM +0300, Christos Zoulas wrote:
> I think we should be installing the anchors by default. I also think
> that people think that https gets validated by default.

Yes, this is long overdue. The current situation is vulnerable
by default to MiM attacks, like malware injection into downloaded
binaries. I feel bad each time I run pkg_add.

Emmanuel Dreyfus

Home | Main Index | Thread Index | Old Index