On Sun, 26 Aug 2012, Ian Lepore wrote:
On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote:
On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote:
On 08/26/2012 05:58, Baptiste Daroussin wrote:
This isn't the security issue I was talking about by having sbin/pkg
pass every command line to local/sbin/pkg.
You keep saying that you have no objections to changing the name. I am
asking you to do that. I don't care if it is pkg-bootstrap or something
else you like better. But please change the name to not be pkg, and
limit the functionality of the tool to bootstrapping the pkg package.
I received more feedback about keep pkg and changing it to
pkg-bootstrap, so what should I do, changing it because you are asking for it?
Would this get better if the bootstrap tool were named pkg and were
installed on a fresh system at /usr/local/sbin, so that it in effect
replaces itself with the real thing, and has no need to leave a
forwarding stub in /usr/sbin ?
Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of
replacing itself, so that you could re-bootstrap your way out of a
problem later.
Ew. But on a similar note, an idea I just had in IRC is to have pkgng
overwrite the base /usr/bin/pkg with a link to /usr/local/bin/pkg.
That effectively removes that binary. We do have precedent for ports
overwriting base with sendmail and openssl.
Hmmm, might have to be careful that future updates don't replace the
real thing with a newer bootstrap program.
Yes. A link could be detected by installworld and not
overwritten... although that's a hack.
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
