tech@mandoc.bsd.lv
 help / color / mirror / Atom feed
From: Alexis <surryhill@gmail.com>
To: Ingo Schwarze <schwarze@usta.de>, Kristaps Dzonsons <kristaps@bsd.lv>
Cc: tech@mdocml.bsd.lv
Subject: Re: Allow configure variables to be set from environment
Date: Tue, 20 Jan 2015 16:15:01 +0100	[thread overview]
Message-ID: <20150120151501.GA97151@kei> (raw)
In-Reply-To: <20150118033335.GA16562@iris.usta.de>

Hi Ingo, hi Kristaps,
first off thank you very much for the insightful responses.

As for the fragmentation of OS X package managers
you might be "delighted" to hear that there's also Nixpkgs ;)
http://nixos.org/nixpkgs/

> > but it should be done right.  Doing a naive installation isn't enough.

I'm all up for it.

> I'd thoroughly hate that.  If you do that, i will remove all reference
> to your port from the homepage, and if need be, publish a statement
> that you deliberately patch vulnerabilities into software you are
> porting, urging people to not use your work.

Understood, I won't do that and patching software is gravely
frowned upon in Homebrew.

> > (By the way, did you plan on cron'ing makewhatis(8) or anything?)

I haven't up until now. I would need to find out how Mac OS X updates
its manpages, probably via a LaunchDaemon / LaunchAgent.

> Oh wait a minute.  I think i see a solution.  If we specifically
> allow mandoc to follow symlinks only into the homebrew tree, but
> nowhere else, that seems safe.  It's a bit tricky to avoid race
> conditions, but i think there is a secure way to implement it.  Is
> there are standardized place where homebrew installs its real files,
> and where nobody in their right mind would ever put any confidential
> data?  Maybe /Cellar?  Is that right?

Homebrew may be installed wherever a user desires (though /usr/local
is recommended) ranging from /opt/homebrew to $HOME/.brew. Because
of this Homebrew can also be installed and used without sudo
if the file permissions (e.g. homebrew group with write access)
are set up accordingly.

Is it possible to to add a configure.local variable so that the suite
of mdocml tools are compiled specifically for the user's setup, i.e.
make the suggested "/Cellar" customizable?

> > Essentially, the question is whether you want mandoc as a
> > constellation of tools (a man replacement) with security tools
> > or a developer tool.

I'd be okay with it, mandoc -Tlint has already been very helpful
for me!

> True, but the above might be a solution.  If we manage to support
> that, it would actually be a safe man(1) for homebrew, much safer
> than the traditional BSD or man-db implementations.

This sounds even better.


Best,
Alexis
--
 To unsubscribe send an email to tech+unsubscribe@mdocml.bsd.lv

  reply	other threads:[~2015-01-20 15:15 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <sfid-H20150116-225859-+021.89-1@spamfilter.osbf.lua>
2015-01-16 21:58 ` Alexis
2015-01-16 23:32   ` Thomas Klausner
2015-01-17  1:31     ` Ingo Schwarze
2015-01-17  1:07   ` Ingo Schwarze
2015-01-17 20:10     ` Kristaps Dzonsons
2015-01-18  3:33       ` Ingo Schwarze
2015-01-20 15:15         ` Alexis [this message]
2015-01-21 23:05           ` Ingo Schwarze
2015-01-22  0:21             ` Kristaps Dzonsons
2015-01-22  0:35               ` Ingo Schwarze
2015-01-22  7:32                 ` Alexis
2015-01-22  7:26             ` Alexis
2015-01-23 22:05               ` Ingo Schwarze
2015-01-20 15:19     ` Alexis
2015-01-21 21:07       ` Ingo Schwarze

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150120151501.GA97151@kei \
    --to=surryhill@gmail.com \
    --cc=kristaps@bsd.lv \
    --cc=schwarze@usta.de \
    --cc=tech@mdocml.bsd.lv \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).