On Sun, Dec 17 2017, Giovanni Bechis <giova...@paclan.it> wrote: > Il 17 dicembre 2017 11:54:22 CET, Jeremie Courreges-Anglas <j...@wxcvbn.org> > ha scritto: >>On Sat, Dec 16 2017, Giovanni Bechis <giova...@paclan.it> wrote: >>> On 12/15/17 17:51, Jeremie Courreges-Anglas wrote: >>>> On Wed, Nov 22 2017, Giovanni Bechis <giova...@paclan.it> wrote: >>>>> Hi, >>>>> update to latest release, some bug fixes and pledge(2) support >>>>> committed upstream. >>>> >>>> I don't use this but the update looks fine ports-wise. ok jca@ fwiw >>>> >>>>> Pledge(2) support is enabled only if the daemon is not run with "-o >>no_drop_privileges" parameter; >>>>> do we want to go the way upstream goes or should we disable the >>possibility to disable pledge(2) ? >>>> >>>> I would not bother disabling this, but if you do make it obvious >>that >>>> -o no_drop_privileges won't work. If people use the option as >>>> a workaround and slack off instead of reporting bugs, they're the >>ones >>>> not benefiting from pledge(2), which is not a smart thing to do. >>>> >>> what about this one ? >> >>I have a knee-jerk reaction whenever I see #ifdef SOME_OS, I would have >>implemented this as a configure-time option which would be usable on >>other systems that provide sandboxing. Words are cheap and I don't >>care >>enough to write a diff, so please go ahead with whatever suits you. ;) > > As done in other diffs, I would like to go with a diff as simple as possible > for our tree, then push a proper autoconf diff to upstream for next release.
Cool! But then you could make your patch even shorter: no need to add the #ifdef __OpenBSD__ goo. :) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
signature.asc
Description: PGP signature
