[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssh in debian, version 4.7, chroot patch



Sebastian Pipping <webmaster@hartwork.org> writes:
> Russ Allbery wrote:

>> Speaking as one of the former maintainers of openssh-krb5 (for a brief
>> period near the end of its life), I don't think this is a great idea.
>> Maintaining a separate forked copy of the ssh code base in another
>> package is painful from a security standpoint, and managing the shared
>> configuration and conflicts and whatnot can be rather horrific.

> I thought of it as a confliciting package sharing the same config
> files.

Right.  That's how we did ssh-krb5 for quite a while.  It unfortunately
turned out to be a major hassle and pain, and it was with much rejoicing
that we got rid of the split for the etch release.  I think we're all a
bit gun-shy about going down the same path again.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>


Reply to: