PACKAGESITE spam
Baptiste Daroussin
bapt at FreeBSD.org
Sat Dec 21 22:14:44 UTC 2013
On Sat, Dec 21, 2013 at 01:39:59PM -0800, Steve Kargl wrote:
> On Sat, Dec 21, 2013 at 01:24:55PM -0800, Darren Pilgrim wrote:
> > On 12/21/2013 1:05 PM, Steve Kargl wrote:
> > > On Sat, Dec 21, 2013 at 02:54:39PM -0600, Greg Rivers wrote:
> > >> On Sat, 21 Dec 2013, Steve Kargl wrote:
> > >>
> > >>> It did not ask how to stop this stupidity. I asked to have this
> > >>> stupidity stopped by default. The spewing of this information in
> > >>> /var/log/messages provides NOTHING. Please turn it off by default.
> > >>>
> > >>
> > >> Do you really feel that strongly about it? Having a record of changes to
> > >> the system has always seemed like a feature to me...
> > >>
> > >
> > > Yes, I do feel strongly about it. It is completely unnecesary noise.
> > > It should be off by default. If someone wants to fill /var up with
> > > useless information, then that someone can turn on the noise.
> >
> > It's about what's safe in the common case. There are significant
> > security risks inherent in pkg's activities, so having a written
> > external record is the safe option.
> >
> > I don't buy the "fill up /var" argument. If your /var is so small that
> > pkg's logging risks filling it up, why are you not logging to an
> > external syslog server? There are much more voluminous sources of logs
> > on a FreeBSD system.
>
> It has nothing to do with the size of /var, really. It is completely
> useless information. You want to know what package are installed, use
> 'pkg info'. Packages do not spontaneously install themselves. If
> your system is so insecure that you are worried that some unpriveleged
> user installed a package, you have bigger problems.
>
> --
> steve
>
>
> --
> Steve
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
this has been done and activated for reason, first for lot of companies, it is
important (PCI DSS requirement for example), secondly I receive tons of request
to actiavte on by default while you are the first to request it off by default
Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20131221/e16ea69b/attachment.sig>
More information about the freebsd-current
mailing list