1 |
Dnia 2015-01-23, o godz. 17:27:16 |
2 |
Michael Orlitzky <mjo@g.o> napisał(a): |
3 |
|
4 |
> On 01/23/2015 05:07 PM, Michał Górny wrote: |
5 |
> > |
6 |
> >> Even `wget --no-check-certificate` would be a big improvement. |
7 |
> > |
8 |
> > ...because? |
9 |
> > |
10 |
> |
11 |
> You rule out some 13-year-olds in coffee shops as attackers. I |
12 |
> overstated -- since the user isn't replying with any data, it's not a |
13 |
> big improvement, but it's still a little better. |
14 |
|
15 |
So I have a few options at hand: |
16 |
|
17 |
1. put a checksum in the news item. The item is GPG-signed, so |
18 |
the checksum will be protected. Of course, nobody bothers to check |
19 |
the signature but anyway... Bad news is that I don't know of any |
20 |
command to check signature that would really fit in 80 chars. |
21 |
|
22 |
2. Put it .gpg-protected. Then oneliner is simple 'wget -O - ... | gpg |
23 |
-d | python' (I have no idea how far gpg verifies there). But it means |
24 |
that people who don't care and don't have GPG won't be able to use |
25 |
the one-liner. |
26 |
|
27 |
3. Put it in an ebuild, after all. This will add a lot of complexity |
28 |
but GPG comes for free, plus some people will actually test |
29 |
and stabilize it. |
30 |
|
31 |
Do you like 3.? |
32 |
|
33 |
> >> |
34 |
> >> No, but the error says to set it, not export it =) |
35 |
> > |
36 |
> > Thanks, mr troll. REALLY HELPFUL. |
37 |
> > |
38 |
> |
39 |
> Ok it looks stupid, but I was serious. I source my make.conf in |
40 |
> ~/.bashrc, so I have PORTDIR and friends set in my shell. I have PORTDIR |
41 |
> set, and the thing is telling me to set PORTDIR? It took me a moment to |
42 |
> realize what was wrong. It will certainly stump others. |
43 |
> |
44 |
> If what you really want them to do is prepend PORTDIR="..." before the |
45 |
> wget command, then why give them the wget command without it? Or if the |
46 |
> environment variable needs to be set and then exported, why not just say |
47 |
> that? The news items go out to tens of thousands of people so the more |
48 |
> explicit the instructions are, the better. Because then people won't bug |
49 |
> you about all the ways in which they misinterpreted the instructions. |
50 |
|
51 |
People usually won't need to do that. Unless they do something stupid |
52 |
like switching to a Python interpreter they disabled in the eclass... |
53 |
|
54 |
-- |
55 |
Best regards, |
56 |
Michał Górny |