sysutils/cfs
Greg Byshenk
freebsd at byshenk.net
Fri Sep 9 08:27:08 UTC 2011
On Fri, Sep 09, 2011 at 07:27:51AM +0200, Erik Trulsson wrote:
> On Thu, Sep 08, 2011 at 06:54:36PM +0200, Matthias Andree wrote:
> > Am 08.09.2011 13:52, schrieb Matt Burke:
> > > Changing to a hypothetical example, why would an Apache vulnerability in
> > > mod_rewrite in the least bit bother a person who doesn't have the module
> > > enabled, which I believe is the standard configuration? Would you prefer
> > > Apache be deleted from ports if it took longer than expected to fix it?
> >
> > That wouldn't happen anyways because the package is actively maintained,
> > unlike many of the ports the discussion is about.
>
> You (and others) place *far* too much emphasis on a piece of software
> being "maintained"
> > > What the current FreeBSD policy of actively deleting perfectly usable ports
> > > instead of putting a mild hurdle in the way is saying, is that FreeBSD will
> > > stop me doing what I may want to do because FreeBSD knows best.
> >
> > The port isn't perfectly usable (because that would mean it's usable in
> > all circumstances for all advertised purposes, which is explicitly not
> > the case in the light of known vulnerabilities).
>
> In which case just about no port is 'perfectly usable' since almost all
> non-trivial software contains bugs - at least some of which are not
> documented, meaning that it isn't usable in *all* circumstances for
> *all* advertised purposes.
I can't necessarily speak for everyone, but I suspect that this is
why 'being "maintained"' is seen as important. All software has bugs;
what is important is that they are fixed as they are discovered,
rather than being left to rot.
--
greg byshenk - gbyshenk at byshenk.net - Leiden, NL
More information about the freebsd-ports
mailing list