Re: MITM attacks against portsnap and freebsd-update

David Noel wrote, On 04/10/2014 19:03:
> The reason I see for it to be retired is that subversion allows us to
> easily and securely check out the ports tree. It's a one-line command:
> `svn co https://...`. Keeping it up-to-date it is another one-liner:
> `cd /usr/ports; svn update`. With the inclusion of svnlite in base,
> the portsnap code and servers acting as mirrors become redundant and
> seem like a waste of resources.

One-liners are also sufficient for Portsnap.

Subversion, due to its scheme of keeping an uncompressed copy of each file in .svn trees, wastes ~410MiB of disk space (for ports; additionally, ~820MiB for src) for users who only want to build ports from source, not develop; whereas Portsnap wastes only ~140MiB.

Subversion is more of a resource strain on both clients and servers.

_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"