On Sun, 26 Aug 2012, Ian Lepore wrote: > On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote: >> On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote: >>> On 08/26/2012 05:58, Baptiste Daroussin wrote: >>> This isn't the security issue I was talking about by having sbin/pkg >>> pass every command line to local/sbin/pkg. >>> >>> You keep saying that you have no objections to changing the name. I am >>> asking you to do that. I don't care if it is pkg-bootstrap or something >>> else you like better. But please change the name to not be pkg, and >>> limit the functionality of the tool to bootstrapping the pkg package. >>> >> >> I received more feedback about keep pkg and changing it to >> pkg-bootstrap, so what should I do, changing it because you are asking for it? > > Would this get better if the bootstrap tool were named pkg and were > installed on a fresh system at /usr/local/sbin, so that it in effect > replaces itself with the real thing, and has no need to leave a > forwarding stub in /usr/sbin ? > > Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of > replacing itself, so that you could re-bootstrap your way out of a > problem later. Ew. But on a similar note, an idea I just had in IRC is to have pkgng overwrite the base /usr/bin/pkg with a link to /usr/local/bin/pkg. That effectively removes that binary. We do have precedent for ports overwriting base with sendmail and openssl. > Hmmm, might have to be careful that future updates don't replace the > real thing with a newer bootstrap program. Yes. A link could be detected by installworld and not overwritten... although that's a hack.Received on Sun Aug 26 2012 - 18:39:14 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:30 UTC