Date: Fri, 22 Dec 2017 18:11:39 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 224526] [security][feature suggestion] Closed source binaries need to be labeled in ports, and explicitly allowed by users
Message-ID: <bug-224526-13@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224526

Bug ID: 224526
Summary: [security][feature suggestion] Closed source binaries need to be labeled in ports, and explicitly allowed by users
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Ports Framework
Assignee: portmgr@FreeBSD.org
Reporter: yuri@freebsd.org
CC: freebsd-ports-bugs@FreeBSD.org

The problem:
External binary executables generally present a higher security risk compared to open source ones, because their source code can't be inspected, therefore requiring to trust the vendor.

The users of a secure OS have the right to know what closed source software is installed.

Suggested solution:
1. Introduce a new Makefile tag for ports: CONTAINS_CLOSED_SOURCE_BINARY=yes.
2. Introduce a new /etc/make.conf tag: TRUST_CLOSED_SOURCE_BINARY=<list of closed source ports that are allowed>.
3. Only allow to install ports with closed source when they are waived by user in TRUST_CLOSED_SOURCE_BINARY.
4. pkg tool, and portupgrade/portmaster should all follow this rule too.
5. Allow asterisk matching in TRUST_CLOSED_SOURCE_BINARY so that users can give blanket trust to */linux-* ports if they want.

For example, I have x11/nvidia-driver installed which I would be inclined to trust. Other closed source packages are possible, but they should be reviewed by the user on a case-by-case basis. One other such port is security/1password-client. All linux ports should be labeled with CONTAINS_CLOSED_SOURCE_BINARY=yes, because they generally contain binaries.

This will assure users that the code they are running is trusted, and the trust is tracked and managed.

This will be in a stark contrast with, say, Arch Linux, which routinely downloads all sorts of binaries, puts 'SKIP' for the hash to make it easy, and potentially subjects users to security intrusions.

--
You are receiving this mail because:
You are on the CC list for the bug.
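
The install gate from steps 1, 2, 3 and 5 of the report, sketched in POSIX sh as an added example; it is not code from the report or from the FreeBSD ports framework. CONTAINS_CLOSED_SOURCE_BINARY and TRUST_CLOSED_SOURCE_BINARY are the names the report proposes, while the function name `closed_source_allowed` and the sample port origins not mentioned in the report are assumptions.

```shell
#!/bin/sh
# Hypothetical gate for the proposal above: refuse a port labelled
# CONTAINS_CLOSED_SOURCE_BINARY=yes unless its origin matches an entry in
# TRUST_CLOSED_SOURCE_BINARY. Entries may use '*' (step 5 of the report).

# closed_source_allowed ORIGIN CONTAINS_FLAG TRUST_LIST
# Returns 0 if the port may be installed, 1 if it must be refused.
closed_source_allowed() {
    origin=$1
    contains=$2
    trust_list=$3

    # Ports without the label are not gated at all.
    [ "$contains" = "yes" ] || return 0

    # Turn off pathname expansion: "*/linux-*" must stay a pattern and must
    # not be expanded against whatever files exist in the current directory.
    set -f
    for pattern in $trust_list; do
        # Unquoted pattern in 'case': '*' matches any string, '/' included,
        # and the pattern has to match the whole origin (category/port).
        case $origin in
            $pattern) set +f; return 0 ;;
        esac
    done
    set +f

    # Labelled and not trusted (an empty list lands here): default deny.
    return 1
}

# Constructed sample data: "origin:flag" pairs and a trust list as it might
# appear in /etc/make.conf. emulators/linux-example and editors/example-open
# are made-up origins.
TRUST_CLOSED_SOURCE_BINARY='x11/nvidia-driver */linux-*'
for entry in x11/nvidia-driver:yes security/1password-client:yes \
             emulators/linux-example:yes editors/example-open:no; do
    if closed_source_allowed "${entry%%:*}" "${entry##*:}" \
                             "$TRUST_CLOSED_SOURCE_BINARY"; then
        echo "allow  ${entry%%:*}"
    else
        echo "refuse ${entry%%:*}"
    fi
done
```

Because the pattern must match the full origin, an entry of `linux-*` without a category trusts nothing, and a bare `*` trusts every labelled port.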