[MacPorts] #16911: git-core requiring macports' ssh on leopard, openssh security concern
MacPorts
noreply at macports.org
Sat Oct 18 15:44:21 PDT 2008
#16911: git-core requiring macports' ssh on leopard, openssh security concern
---------------------------------+------------------------------------------
Reporter: bcbarnes at gmail.com | Owner: macports-tickets at lists.macosforge.org
Type: defect | Status: new
Priority: Normal | Milestone: Port Bugs
Component: ports | Version: 1.6.0
Resolution: | Keywords:
Port: |
---------------------------------+------------------------------------------
Comment(by blb at macports.org):
I definitely wouldn't call it hijacking as /usr/bin/ssh is still present
and usable just as before. Feel free to rearrange your PATH as needed, as
/opt/local/bin isn't an absolute requirement (it just makes it easier when
you want something installed from MacPorts to override something installed
with the system).
Also, when using 'Remote Login' in System Preferences, it will still use
Apple's sshd so the only security issue would be when using ssh as a
client (or if you specifically enable the MacPorts openssh launchd item,
which is off by default).
Finally, the reason it's used in the first place is that MacPorts tends to
prefer installing dependencies on its own instead of relying on what Apple
provides, see the
[http://trac.macports.org/wiki/FAQ#WhyisMacPortsusingitsownlibraries FAQ
entry] about this.
--
Ticket URL: <http://trac.macports.org/ticket/16911#comment:1>
MacPorts <http://www.macports.org/>
Ports system for Mac OS
More information about the macports-tickets
mailing list