From owner-freebsd-ports  Wed Jul 19  5: 4:42 2000
Delivered-To: freebsd-ports@freebsd.org
Received: from ms.tokyo.jcom.ne.jp (ms.tokyo.jcom.ne.jp [210.234.123.18])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4E79637BD53; Wed, 19 Jul 2000 05:04:39 -0700 (PDT)
	(envelope-from knu@idaemons.org)
Received: from daemon.local.idaemons.org (203-165-77-17.sugnm1.kt.home.ne.jp [203.165.77.17])
	by ms.tokyo.jcom.ne.jp (8.9.3/3.7W 04/27/00) with ESMTP id VAA23492;
	Wed, 19 Jul 2000 21:04:26 +0900 (JST)
Received: by daemon.local.idaemons.org (8.9.3/3.7W) id VAA74306; Wed, 19 Jul 2000 21:03:54 +0900 (JST)
Date: Wed, 19 Jul 2000 21:03:53 +0900
Message-ID: <86og3umimu.wl@localhost.local.idaemons.org>
From: "Akinori -Aki- MUSHA" <knu@idaemons.org>
To: alex@big.endian.de
Cc: asami@FreeBSD.ORG, ports@FreeBSD.ORG
Subject: Re: NO_CHECKSUM for only some files
In-Reply-To: In your message of "Wed, 19 Jul 2000 13:48:49 +0200"
	<20000719134849.A51793@cichlids.cichlids.com>
References: <20000719134849.A51793@cichlids.cichlids.com>
User-Agent: Wanderlust/1.1.2 (Raspberry Beret) EMIKO/1.13.12 (Euglena sociabilis) FLIM/1.13.2 (Kasanui) APEL/10.2 MULE XEmacs/21.1 (patch 10) (Capitol Reef) (i386--freebsd)
Organization: Associated I. Daemons
X-PGP-Public-Key: finger knu@FreeBSD.org
X-PGP-Fingerprint: 1BEF D9B2 BABD 25D7 659A  FD08 89C2 F3BE E981 4E16
MIME-Version: 1.0 (generated by EMIKO 1.13.12 - "Euglena sociabilis")
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At Wed, 19 Jul 2000 13:48:49 +0200,
Alex wrote:
> Hello!
> I wonder if we could add some functionality to exclude specific files
> from the checksum-check.
> 
> But only some files.
> 
> A good example where this could be useful it the astro/xtide port:
> 
> While the source of the file should include the checksum-check (for
> trojans), the DATAFILE for the astro-stuff cannot contain trojans or
> similar.

No.  An intruder or a malicious administrator/user can put evil thing
in the file when you blindly call it `datafile'.

Any kind of files can contain Makefiles, configure scripts, etc. to
deceive the ports process.  I suppose we should hardly trust even
those `data' files,

Please think twice. ;)

-- 
                           /
                          /__  __       
                         / )  )  ) )  /
Akinori -Aki- MUSHA aka / (_ /  ( (__(  @ idaemons.org / FreeBSD.org

"We're only at home when we're on the run, on the wing, on the fly"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message