Re: We need a new subject- bug fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Rahul Sundaram wrote:
OpenOffice is the particular thing I had in mind, but I suspect there are others. I'm not talking about additional packages - this is in reference to your comment about not deviating from upstream. 

Again probably licensing reasons.
Licensing as in it is illegal to redistribute the upstream version, or licensing as in someone arbitrarily doesn't like or agree with the license?
I made no absolute statements that no packages ever deviate. I said that Fedora packages generally avoid patches and I stand by that. 

Hence my comment that it deviates when it suits their fancy to deviate.
I suppose if you break a program's intended functionality there's not so much to maintain. That doesn't seem like a great thing to do, though, especially without providing an easy/obvious way undo it. In any case it is hard to imagine any 'upstream' version of sendmail ever delivered with that configuration
Perhaps you send to actually check instead of speculating what upstream does. Sendmail is enabled by default but not configured to connect to external ports in order to deliver local mail for root user but avoid the additional security issues with connecting to external ports by default. If there is a security hole in sendmail and it connects to external ports by default, it is remotely exploitable. If only connects to local host, then the security risk is lowered.
That would apply to all network services, yet none of the others are handled this way. 

> I dont see how this is
breaking any functionality since this is a well documented configuration change for security reasons.
Documented as in 'man sendmail' where you expect to find documentation? How can removing network access from a network mail transport not break functionality? 

> It is trivially easy to uncomment a line

and configure sendmail to connect to external ports.
Yet no other network service requires this kind of change to bring the RH/fedora distribution version back to normal operation as you'd expect in the upstream version. 

> What exactly are you suggesting?
That the distribution sendmail configuration is handled entirely differently than all the other services that have distribution-specific and fairly systematic ways to activate them. It's not only different from upstream, it's different from every other fedora packaging modification in not moving the distro-specific changes under /etc/sysconfig and providing a config program to control it easily. 

--
  Les Mikesell
   lesmikesell@xxxxxxxxx
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux