PACKAGESITE spam

Baptiste Daroussin bapt at FreeBSD.org
Sat Dec 21 22:14:44 UTC 2013 

On Sat, Dec 21, 2013 at 01:39:59PM -0800, Steve Kargl wrote:
> On Sat, Dec 21, 2013 at 01:24:55PM -0800, Darren Pilgrim wrote:
> > On 12/21/2013 1:05 PM, Steve Kargl wrote:
> > > On Sat, Dec 21, 2013 at 02:54:39PM -0600, Greg Rivers wrote:
> > >> On Sat, 21 Dec 2013, Steve Kargl wrote:
> > >>
> > >>> It did not ask how to stop this stupidity.  I asked to have this
> > >>> stupidity stopped by default.  The spewing of this information in
> > >>> /var/log/messages provides NOTHING.  Please turn it off by default.
> > >>>
> > >>
> > >> Do you really feel that strongly about it?  Having a record of changes to
> > >> the system has always seemed like a feature to me...
> > >>
> > >
> > > Yes, I do feel strongly about it.  It is completely unnecesary noise.
> > > It should be off by default.  If someone wants to fill /var up with
> > > useless information, then that someone can turn on the noise.
> > 
> > It's about what's safe in the common case.  There are significant 
> > security risks inherent in pkg's activities, so having a written 
> > external record is the safe option.
> > 
> > I don't buy the "fill up /var" argument.  If your /var is so small that 
> > pkg's logging risks filling it up, why are you not logging to an 
> > external syslog server?  There are much more voluminous sources of logs 
> > on a FreeBSD system.
> 
> It has nothing to do with the size of /var, really.  It is completely
> useless information.  You want to know what package are installed, use
> 'pkg info'.  Packages do not spontaneously install themselves.  If
> your system is so insecure that you are worried that some unpriveleged
> user installed a package, you have bigger problems.
> 
> -- 
> steve
> 
> 
> -- 
> Steve
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"

this has been done and activated for reason, first for lot of companies, it is
important (PCI DSS requirement for example), secondly I receive tons of request
to actiavte on by default while you are the first to request it off by default

Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20131221/e16ea69b/attachment.sig>

More information about the freebsd-current mailing list