Bug#675080: openssh: Possible switch to libbsd?
On Tue, May 29, 2012 at 09:00:56PM +0200, Guillem Jover wrote:
> OpenSSH contains an embedded BSD compat layer under openbsd-compat/,
> most of the stuff used by OpenSSH on GNU systems is now provided by
> libbsd (I've been adding stuff after checking users like OpenSSH).
>
> Before starting to work on a patch, which should mostly involve the
> build system, I was wondering if you'd be interested in it, given
> possible security implications?
Making that stuff diverge from OpenSSH upstream scares me, quite
honestly. What if they make a security-critical change in
openbsd-compat/ that you don't notice and sync into libbsd in time?
If you're going to do this, I think you should send it upstream as an
option that *they* explicitly support, and that way they've bought into
the notion that whatever they do needs to be in libbsd too.
Cheers,
--
Colin Watson [cjwatson@debian.org]
Reply to: