[FFmpeg-devel] [PATCH] Fix compilation on OpenBSD

Michael Niedermayer michaelni
Thu Nov 20 09:00:02 CET 2008


On Wed, Nov 19, 2008 at 08:10:07PM -0500, The Wanderer wrote:
> Michael Niedermayer wrote:
> 
> > On Thu, Nov 20, 2008 at 01:05:45AM +0300, Andrew Savchenko wrote:
> > 
> >> Hi,
> >> 
> >> On Tuesday 18 November 2008 14:35, M?ns Rullg?rd wrote:
> 
> >>> I doubt that make 3.80 is any more or less secure than make 3.81,
> >>> but whatever.
> >> 
> >> This is not a question of gmake itself, indeed. This is a question
> >> of security policy: install nothing outside the main ports tree.
> >> Technically I can broke this rule, but than other people may do the
> >> same and security will likely to be broken eventually one way or
> >> another. The only exception is MPlayer SVN HEAD. But there are some
> >> serious reasons for this decision.
> > 
> > Now one has to wonder why outdated software is supposed to be more
> > secure ...
> 
> More secure than more recent software? It probably isn't.
> 

> More secure than whatever random things users (possibly even
> intentionally malicious users) might choose to install? I should think
> that would be obvious.

i agree but i did not had the feeling that there where any meassures
in place to prevent users from building their own stuff, so at least
malicious users should not be negatively affected.
And i suspect, though may be wrong that a system that has a significant
number of users with accounts who could install random stuff and are
stupid enough so they need a policy to prevent them from doing it, that
such system likely will even with such policy be rather insecure

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

It is not what we do, but why we do it that matters.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20081120/211e6e87/attachment.pgp>



More information about the ffmpeg-devel mailing list