Re: [Sks-devel] DisUnitedStates.com down; Re: DB_ENV->set_lk_detect: unknown deadlock detection mode specified

[Daniel Kahn Gillmor]

On 06/25/2012 12:43 PM, Jeffrey Johnson wrote:
> On Jun 25, 2012, at 12:36 PM, Daniel Kahn Gillmor <address@hidden> wrote:
>> I'm open to other suggestions.  I believe that the current upgrade path
>> (while hilarious in a sad sort of way) will actually work for most people.
> 
> Bundling SKS+BDB (previously suggested) avoids the
> very hard to solve problem of "system" Berkeley DB.

and then if there are any security vulnerabilities in the bundled bdb,
we have to issue a new release of sks.  This is not only discouraged;
it's work i'd rather not do :)

> Backports of newer Berkeley DB "work" too, and likely
> have some other usage cases than SKS because of bdb+sqlite3 API.

right, this is one other path i considered, but i don't really want to
have to maintain a bdb backport for the remaining lifetime of squeeze.
maintaining an sks backport is sufficient for me :)

OTOH, if someone else is eager to responsibly maintain a bdb backport,
i'd be happy to make the sks backport rely on it.  Any takers?

> Not that there is much SKS need for db-5.x.y: any BDB later than db-4.6
> is gud enuf for SKS (until "system" db changes for other reasons).

yep.  That's why i'm OK settling with the squeeze default 4.8.

        --dkg

signature.asc
Description: OpenPGP digital signature