pkg_libchk: a missing library is not detected
Mel Flynn
mel.flynn+fbsd.ports at mailing.thruhere.net
Mon Jun 15 18:09:21 UTC 2009
On Monday 15 June 2009 02:55:09 Dominic Fandrey wrote:
> Sorry for the late reply, this was auto-sorted into the ports@ mails
> and drowned there.
>
> Boris Samorodov wrote:
> > As I understand pkg_upgrade does not preserve old libraries at
> > /usr/local/lib/compat?
>
> That's true. I consider this common approach a security risk.
It is a service interruption to delete libraries that are still used and this
can also lead to security problems.
However, pkg_upgrade cannot ever hope to fix this problem, because the
buildservers do not unconditionally rebuild packages that mention the upgraded
port in LIB_DEPENDS, therefore it is better to leave these shared libraries
around.
> To ensure that you get the newest packages wipe
> /usr/ports/packages/All.
Erm, the download time associated with that approach doesn't really speed up
things, nor does it guarantee that you will have working binaries if the port
maintainer forgot to version bump a port.
--
Mel
More information about the freebsd-ports
mailing list