From owner-freebsd-security Thu Sep 14 10: 4:53 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 8F50E37B424; Thu, 14 Sep 2000 10:04:51 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id KAA61241; Thu, 14 Sep 2000 10:04:51 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Thu, 14 Sep 2000 10:04:51 -0700 (PDT) From: Kris Kennaway To: Ade Lovett Cc: "Louis A. Mamakos" , security@freebsd.org Subject: Re: potential security exposure in GNOME/ORBit? In-Reply-To: <20000914101417.A73358@FreeBSD.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 14 Sep 2000, Ade Lovett wrote: > Please review the following patch.. I'll commit later today unless > I hear screams of anguish otherwise (note that there is no etc/orbitrc > installed by default, hence the initial overwriting). + +post-install: + @${ECHO} "ORBIIOPIPv4=0" > ${PREFIX}/etc/orbitrc + @${ECHO} "ORBIIOPIPv6=0" >> ${PREFIX}/etc/orbitrc Hmm. Doing it this way will spam any local configuration changes someone may make after installation when they upgrade to a new version..are there any other settings it is likely people may want to set in the orbitrc file? What may be better is to make those settings the default policy, and then install an orbitrc.sample showing how to override them and only remove that file, not orbitrc. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message