pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: pkgsrc/security/mozilla-rootcerts
Greg Troxel <gdt%lexort.com@localhost> writes:
>> I don't want mozilla-rootcerts-openssl anywhere near my systems. Even
>> in a best case scenario where a user is installing it instead of just
>> running the install script manually, there is still plenty that can go
>> wrong (think of an upgrade scenario where something goes awry part way
>> through and now their fetch and pkg_add commands are broken when
>> trying to fix things).
>
> That's your call of course.
I should say that I have always been very vocal that
mozilla-rootcerts-openssl should never be a dependency of any package,
and thus installed only on explicit administrator request. My reasons
were primarily that I thought it unreasonable that installing some
random program should make trust anchor configuration changes, but your
point that you as administrator of some system are choosing to use the
install script directly instead of via the -openssl package is also a
good reason to object to mozilla-rootcerts-openssl being a dependency.
Home |
Main Index |
Thread Index |
Old Index