Re: RFC: Proposal: Install a /etc/ssl/cert.pem by default?
On 3 July 2014 18:03, Jonathan Anderson <jonathan@freebsd.org> wrote:
> Put another way, /etc/ssl and /usr/local/etc/ssl are additive, not
> subtractive: we can make it easy for users to install whatever CA bundles
> they like, but if you put a bad CA cert in the base system, I have to
> manually patch the base system, even in environments where I'd rather use
> binary releases and freebsd-update.
Lets turn it into a config file then? Why does this have to happen
at install time?
We are just dealing with defaults here. In general, the default
system should Just Work.
--
Eitan Adler
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 17 之 29 篇):