At least you can easily build your entire userland and kernel (and ports) on FreeBSD. It's very straightforward compared to Linux distros (Gentoo/Arch somewhat excluded, I guess). I suppose this isn't much consolation if you're worried about the upstream svn repo itself... Generally I trust that svn updates are not pulling down backdoored code. I don't have the time (or the capacity) to read through all of /usr/src...

Trying to use ports built from source alongside prebuilt binaries from pkg is a complete fucking nightmare on FreeBSD. I routinely have to hack the pkg SQLite db file to make pkg audits reflect the actual state of my system. Need to invest some time in poudriere...

John
On Sep 16, 2016, at 2:29 PM, grarpamp <grarpamp@gmail.com> wrote:
On Fri, Sep 16, 2016 at 1:18 PM, Georgi Guninski <guninski@guninski.com> wrote:
Is Debian _still_ vulnerable to automatic updates, as it used to be?:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820698;msg=5
Debian's Firefox/iceweasel in a VM still gives warnings about autoupdates of addons when started from a terminal (otherwise they are not visible ;) )
Here's FreeBSD's take on the issue... https://lists.freebsd.org/pipermail/freebsd-announce/2016-August/001739.html
Never mind that they still [1] don't have their release ISOs and everything else fully reproducible and cryptographically traceable back to their source repository, in part because their silly choice of repo (svn) isn't capable of establishing cryptographic provenance over, and distribution of, the source, so unlike the signable trees of git or monotone there's a big gaping disconnect there. Though they are making good progress on reproducibility.
Oh, and OpenBSD still uses cvs for code authenticity, lol.
Don't mistake this to mean that Linux distroland and model is anything close to secure either. It's probably much worse.
[1] They claim signed / hashed ISOs and packages, and server / filesystem / committer / sysadmin security / integrity are backtraceable and sufficient. And that monotonically increasing numeric commit revIDs and 'workflow' prevent using something like git. I claim baloney.
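The "signable trees" point above (a git tip hash commits to the entire history, whereas an svn revision number is just a counter) can be shown with a few lines of code. The following is an added illustration, not code from this thread or from any FreeBSD/OpenBSD tooling: it hashes blob, tree and commit objects exactly the way git does (SHA-1 over `"<type> <len>\0<payload>"`), builds a small constructed history, then tampers with the oldest revision and shows the tip id changes while an svn-style revision numbering does not. The file contents, commit messages and author string are made up for the example.

```python
import hashlib


def git_object_id(kind, payload):
    """Hash bytes the way git does: SHA-1 over '<kind> <len>\\0<payload>'."""
    header = f"{kind} {len(payload)}\0".encode()
    return hashlib.sha1(header + payload).hexdigest()


def blob_id(content):
    """Object id of a file's contents (matches `git hash-object`)."""
    return git_object_id("blob", content)


def tree_id(entries):
    """entries: iterable of (mode, name, hex_id). Git sorts entries by name
    and stores the child id as raw 20 bytes, not hex."""
    body = b""
    for mode, name, oid in sorted(entries, key=lambda e: e[1]):
        body += f"{mode} {name}\0".encode() + bytes.fromhex(oid)
    return git_object_id("tree", body)


def commit_id(tree, parent, message,
              author="A U Thor <author@example.org> 1473980000 +0000"):
    """Commit id binds the tree, the parent commit, metadata and message.
    The author/committer line is a fixed, made-up value for this example."""
    lines = [f"tree {tree}"]
    if parent:
        lines.append(f"parent {parent}")
    lines.append(f"author {author}")
    lines.append(f"committer {author}")
    body = "\n".join(lines) + "\n\n" + message + "\n"
    return git_object_id("commit", body.encode())


def git_history(revisions):
    """revisions: list of (files dict, message), oldest first.
    Returns the chain of commit ids; each one depends on all earlier ones."""
    ids, parent = [], None
    for files, msg in revisions:
        entries = [("100644", name, blob_id(data)) for name, data in files.items()]
        cid = commit_id(tree_id(entries), parent, msg)
        ids.append(cid)
        parent = cid
    return ids


def svn_style_ids(revisions):
    """svn's identifier for a revision is just its position in the sequence;
    nothing about the content feeds into it."""
    return list(range(1, len(revisions) + 1))


# Constructed sample history: three revisions of a two-file "repo".
HONEST_HISTORY = [
    ({"Makefile": b"all:\n\tcc -o prog main.c\n", "main.c": b"int main(void){return 0;}\n"},
     "Initial import"),
    ({"Makefile": b"all:\n\tcc -o prog main.c\n", "main.c": b"int main(void){return 1;}\n"},
     "Change exit status"),
    ({"Makefile": b"all:\n\tcc -O2 -o prog main.c\n", "main.c": b"int main(void){return 1;}\n"},
     "Enable optimisation"),
]

# Same history, but the *oldest* revision has been silently altered.
TAMPERED_HISTORY = [
    ({"Makefile": b"all:\n\tcc -o prog main.c\n", "main.c": b"int main(void){system(\"id\");return 0;}\n"},
     "Initial import"),
    HONEST_HISTORY[1],
    HONEST_HISTORY[2],
]


def tip(revisions):
    """The single id that a signed tag or signed commit would cover."""
    return git_history(revisions)[-1]


if __name__ == "__main__":
    print("git tip (honest):  ", tip(HONEST_HISTORY))
    print("git tip (tampered):", tip(TAMPERED_HISTORY))
    print("svn revs (honest):  ", svn_style_ids(HONEST_HISTORY))
    print("svn revs (tampered):", svn_style_ids(TAMPERED_HISTORY))
```

Signing the tip id (as `git tag -s` or `git commit -S` does) therefore attests every earlier object reachable from it; a signature over "r12345" attests nothing about what the server hands out for revisions 1 through 12344. Whether the FreeBSD project's other controls compensate for that is the argument in the thread, not something this snippet settles.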