Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Nicolas Baradakis
nbk at sitadelle.com
Sat Apr 8 23:02:44 CEST 2006
Tyler MacDonald wrote:
> This can have security implications too, since the end user will
> have to manually keep an eye out for security updates instead of
> just upgrading against security.debian.org.
In theory, you're right. In reality, FreeRADIUS has disclosed a
security problem on 20 March and there's still no official Debian
package available yet :(
So finally if you really care about security you'd better build
packages from sources anyway.
> So you provide a way of debianizing freeradius packages easily, even
> ones that aren't included with debian. Given that, another alternative
> (admittedly with it's own set of problems) would be an official freeradius
> apt repository.
This doesn't solve anything. The problem is that such packages aren't
distributable in binary form. If someone provides a repository, he
becomes an outlaw. (exaggeratedly)
--
Nicolas Baradakis
More information about the Freeradius-Users
mailing list