Perl master site changed to tobez.org?

From: Michael Scheidell (scheidell_at_secnap.net)
Date: 06/29/05

  • Next message: Colin Percival: "Re: Perl master site changed to tobez.org?" 
    Date: Wed, 29 Jun 2005 17:37:16 -0400
To: <freebsd-security@freebsd.org>

    Tobez: no disrespect intended, obviously you saw a problem with the
    master sites for perl 5.8.7 and did what you could to help, and with
    your position as a maintainer, I know that the trust we have in you and
    your patches is well earned, so don't take this question as anything but
    my well-earned paranoia rearing its ugly head:

    Yes, building perl5.8.7 did seem like it had a lot of problems with the
    master_sites which is why I went to the freebsd ports cvs tree and
    looked to see if they fixed it, however, I believe it would be prudent
    for me to ask:

    How safe is this your site?
    And, yes, in some of my build scripts I pull the distfiles from our
    local system due to some issues with some of the sites, however, how
    safe is tobez.org from hacking?
    (ok, so, how safe is OUR site from hacking) or anyone's for that matter,
    so please don't take this as a challenge. I have enough to do not to
    have to go rebuilding our servers.

    (from new Makefile for perl5.8)
     
    MASTER_SITES= ${MASTER_SITE_PERL_CPAN} \
                    ${MASTER_SITE_LOCAL:S/$/:local/} \
     
    http://www.tobez.org/download/port-mirrors/lang/perl58/:local
    MASTER_SITE_SUBDIR= ../../src \
                            tobez/:local ./:local

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Colin Percival: "Re: Perl master site changed to tobez.org?"

    Relevant Pages

    • Re: Perl master site changed to tobez.org?
      ... > safe is tobez.org from hacking? ... > (ok, so, how safe is OUR site from hacking) or anyone's for that matter, ... perl tarball itself. ... Unless you use master sites randomization, ...
      (FreeBSD-Security)
    • Re: question about forked processes writing to the same file
      ... i don't understand why in Programming Perl 3rd ed. page 421, ... the sysopen, sysread, sysseek, and syswrite() functions. ... they interact quirkily with normal Perl I/O functions ... would this be SAFE? ...
      (comp.lang.perl.misc)
    • RE: converting text expressions (like "1+1") to values
      ... Perl doest seem to catch errors like divide-by-zero error. ... Well, the string form of eval will do this; ... $safe = new Safe; ... assumes that the string to be eval'ed will be valid Perl code. ...
      (perl.beginners)
    • Re: Why is java considered a language for "web" or "internet" programming?
      ... if your definition of safety involves enforcing security ... then Perl is going to be hopelessly inadequate for the ... This kind of use case is handled very nicely in Java. ... There are other definitions of "safe", ...
      (comp.lang.java.help)
    • Re: catch hitting crtl-c twice
      ... Then at strategic "safe" points in the Perl interpreter (e.g. ... and the Perl level handler from %SIG is executed. ... we are not in a system library function when the handler is called... ...
      (comp.lang.perl.misc)