Re: de/activate and Time Machine

[Langer, Stephen A. (Fed)]

Would it be simpler if macports automatically kept a list of the requested
ports somewhere outside of /opt/local?  Then *all* of /opt/local could be
excluded from Time Machine backups, but could be easily (if not
necessarily quickly) restored by reinstalling the requested ports?

— Steve


On 4/28/16, 3:35 AM, "macports-users-boun...@lists.macosforge.org on
behalf of René J.V. Bertin"  wrote:

>On Wednesday April 27 2016 23:10:20 Brandon Allbery wrote:
>
>>I was apparently headed into a brainfog when I wrote that.. recovered
>>today
>
>Heh, why do I seem to relate ... :)
>
>>backup, found that there were port components not under /opt/local
>>missing
>>(notably the symlinks into launchd's directories), and a
>>deactivate/reactivate fixed.
>
>That also sounds familiar in the sense of been there, done that.
>
>Good, so it should indeed be possible to come up with a script or the
>like that sets up Time Machine to do only an "economic" kind of backing
>up of ${prefix}. Supposing that all ports that do use site-specific
>configuration files store those files under etc/ .
>I'll try to find a moment to figure out to what extent keeping an
>additional list of which ports are active is required.
>
>I just think of a complication though. The port command is installed in
>bin/ together with a few others, and there are probably libraries "base"
>uses that live in lib/ . It's probably possible to add those to Time
>Machine's filter list but it does make the idea a bit less appealing.
>
>R.
>___
>macports-users mailing list
>macports-users@lists.macosforge.org
>https://lists.macosforge.org/mailman/listinfo/macports-users

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: Sophos Antivirus claims port 'zlib' ships a Virus/Spyware called "iPh/WireLurk-G"...

[Langer, Stephen A.]

On 9/4/15, 8:51 PM, "macports-users-boun...@lists.macosforge.org on behalf
of Ryan Schmidt"  wrote:

>
>On Sep 4, 2015, at 5:27 PM, Brandon Allbery wrote:
>
>> Others have reported this. Unfortunately, there is no guarantee that
>>some random chunk of code or data won't hash to the same value as a
>>virus; it's statistically unlikely, but over time the probability of a
>>false positive will tend toward unity. And in fact false positives are
>>rare but known to happen, as one would expect.
>
>The whole point of hash algorithms is to provide something very close to
>that guarantee. Some hash algorithms are broken, so they can no longer
>provide that guarantee; md5 is an example of a broken hash algorithm.
>Tools exist to let you craft two different files that hash to the same
>md5 sum. But newer algorithms like sha256 and rmd160 are not yet broken
>and still provide sufficiently strong assurances that if the hash of a
>file is the expected value, then the contents of the file are the
>expected contents as well. That's why we use sha256 and rmd160 checksums
>to verify the integrity of the files MacPorts ports download.
>
>I assume the Sophos claim of iPh/WireLurk-G in zlib is a false positive
>and refer concerned users to Sophos.

I had this problem and reported it to our IT staff, who reported it to
sophos, who confirmed that there was a problem with the virus definitions.
 They say that it’s been fixed now.

 — Steve

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users