On 08/26/2012 05:58, Baptiste Daroussin wrote: > The is the longer plan but this with also true with pkg_add -r, and the pkg > bootstrap may it be pkg-bootstrap or /usr/sbin/pkg. We have been discussing > with > Security officers and we are waiting for the plan being written and setup by > them, so we can improved security in both pkgng and the bootstrap. This should > have happen in BSDCan, but lack of time from everyone, didn't made it happen, > we > are now aiming at Cambridge DevSummit for that.
It would be nice if this were in place before 10-current shifted to pkg by default in order to limit the number of times that we have to start testing over from scratch. > Given that such a security issue is already in with the current pkg_* tools, > it > was accepting that we can still go that way until the policy is written, given > that the final goal is to have the pkgng package checked against a signature. This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"