lib dependency confusion

Daniel J. Luke dluke at geeklair.net
Fri Jan 12 22:38:51 UTC 2018


On Jan 12, 2018, at 5:22 PM, Bill Cole <macportsusers-20171215 at billmail.scconsult.com> wrote:
> All very well and good for a machine running an OS version that got the ShellShock update from Apple.

people probably shouldn't be running an OS version that hasn't been patched for a 4 year old vulnerability.

> One of the use cases for MacPorts is to keep older Macs that are physically capable of doing significant work (e.g. as servers) updated in regards to the open source parts of MacOS.

I don't believe MacPorts should be in the business of helping people keep vulnerable (unsupported by upstream security patches) systems connected to the shared public resource that is the internet. I agree that the hardware is still useful and would suggest that there are alternative operating systems that are maintained and receive security patches that they could run instead.

-- 
Daniel J. Luke





More information about the macports-users mailing list