From owner-freebsd-stable@FreeBSD.ORG  Mon Oct 23 09:11:12 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: stable@freebsd.org
Delivered-To: freebsd-stable@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1E3E816A40F
	for <stable@freebsd.org>; Mon, 23 Oct 2006 09:11:12 +0000 (UTC)
	(envelope-from 000.fbsd@quip.cz)
Received: from slimak.dkm.cz (slimak.dkm.cz [62.24.64.34])
	by mx1.FreeBSD.org (Postfix) with SMTP id 3008D43D77
	for <stable@freebsd.org>; Mon, 23 Oct 2006 09:11:10 +0000 (GMT)
	(envelope-from 000.fbsd@quip.cz)
Received: (qmail 94205 invoked by uid 0); 23 Oct 2006 09:11:07 -0000
Received: from grimm.quip.cz (HELO ?192.168.1.2?) (213.220.192.218)
	by slimak.dkm.cz with SMTP; 23 Oct 2006 09:11:07 -0000
Message-ID: <453C872C.4040309@quip.cz>
Date: Mon, 23 Oct 2006 11:11:08 +0200
From: Miroslav Lachman <000.fbsd@quip.cz>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
	rv:1.7.12) Gecko/20050915
X-Accept-Language: cz, en, cs, en-us
MIME-Version: 1.0
To: Yoshihiro Ota <ota@j.email.ne.jp>
References: <20061022161044.GA4635@lordcow.org>	<453BB28B.9010601@quip.cz>
	<20061022180405.973f2692.ota@j.email.ne.jp>
In-Reply-To: <20061022180405.973f2692.ota@j.email.ne.jp>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: gareth <bsd@lordcow.org>, stable@freebsd.org
Subject: Re: portaudit
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Oct 2006 09:11:12 -0000

Yoshihiro Ota wrote:
[...]
> Hello.
> 
> What are other ways?
> I want to see vulnerable message but still want to install
> without portupgrade being interrupted.
> 
> According to /usr/ports/Mk/bsd.port.mk, DISABLE_VULNERABILITIES=yes
> disables vulnerable check, don't it?

Yes, it disable vulnerability check at all and you will not see any 
vulnerable message.

Some vulnerable ports are also marked as FORBIDDEN in Makefile. If you 
want to install this port, you must comment out this line and use 
DISABLE_VULNERABILITIES=yes (eg awstats port)

I do not know any way to transparently install vulnerable port with 
vulnerable message withou portupgrade interruption.

I do not see any problem in actual behaviour, if some port is 
vulnerable, portupgrade / portinstall gives me the message, I can search 
the web for vulnerability details and if I think I can use this port 
anyway, I can run portupgrade / portinstall again with -m 
"DISABLE_VULNERABILITIES=yes".

Miroslav Lachman