Re: openssh in debian, version 4.7, chroot patch
Sebastian Pipping <webmaster@hartwork.org> writes:
> Russ Allbery wrote:
>> Speaking as one of the former maintainers of openssh-krb5 (for a brief
>> period near the end of its life), I don't think this is a great idea.
>> Maintaining a separate forked copy of the ssh code base in another
>> package is painful from a security standpoint, and managing the shared
>> configuration and conflicts and whatnot can be rather horrific.
> I thought of it as a confliciting package sharing the same config
> files.
Right. That's how we did ssh-krb5 for quite a while. It unfortunately
turned out to be a major hassle and pain, and it was with much rejoicing
that we got rid of the split for the etch release. I think we're all a
bit gun-shy about going down the same path again.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to:
- References:
- openssh in debian, version 4.7, chroot patch
- From: Sebastian Pipping <webmaster@hartwork.org>
- Re: openssh in debian, version 4.7, chroot patch
- From: Colin Watson <cjwatson@debian.org>
- Re: openssh in debian, version 4.7, chroot patch
- From: Sebastian Pipping <webmaster@hartwork.org>
- Re: openssh in debian, version 4.7, chroot patch
- From: Russ Allbery <rra@debian.org>
- Re: openssh in debian, version 4.7, chroot patch
- From: Sebastian Pipping <webmaster@hartwork.org>