MITM attacks against portsnap and freebsd-update

Tom Evans tevans.uk at googlemail.com
Sat Apr 12 16:06:42 UTC 2014


On Sat, Apr 12, 2014 at 1:33 PM, <dt71 at gmx.com> wrote:
> Subversion, due to its scheme of keeping an uncompressed copy of each file
> in .svn trees, wastes ~410MiB of disk space (for ports; additionally,
> ~820MiB for src) for users who only want to build ports from source, not
> develop; whereas Portsnap wastes only ~140MiB.
>
> Subversion is more of a resource strain on both clients and servers.

Different people want different things.

I would prefer to see a tool in base, e.g. freebsd-update, taught how to
use both methods. This would allow the user to choose whether they
want versioned files - in which case freebsd-update would use svnlite
from base, and the user accepts that it will be slow and use a little
more space - or if they want just the up-to-date files with no
metadata, in which case "portsnap" mode can be used.

I put "portsnap" in quotes there, because it seems like there are some
issues to solve there. In a non-license-constrained world, the problem
of "how do I replicate these files from here to there" is universally
solved by rsync. Would a freebsd-update tool that required the rsync
port/package to be installed in order to operate in "portsnap" mode be
that bad, especially with svnlite (or even use fetch to grab a
snapshot) to fall back on?

Cheers

Tom


More information about the freebsd-hackers mailing list