Date: Thu, 30 Mar 2000 10:02:48 -0500 From: Alan Clegg <abc@firehouse.net> To: tyson@stanfordalumni.org Cc: freebsd-questions@freebsd.org Subject: Re: Lynx forbidden Message-ID: <20000330100248.L3459@laptop.firehouse.net> In-Reply-To: <200003301452.JAA08782@radagast.wizard.net>; from tyson@stanfordalumni.org on Thu, Mar 30, 2000 at 09:52:12AM -0500 References: <200003301452.JAA08782@radagast.wizard.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Out of the ether, tyson@stanfordalumni.org spewed forth the following bitstream: > I must be missing something obvious here. The LYNX port is > marked ``forbidden'' because of its vulnerability to > buffer overflow exploits; we have seen the security > advisory, and the port's make file refuses to build. [...] > It seems to me that the better course would be to allow > those who wish to go ahead and install it and take their > chances. You can. Just comment out the: FORBIDDEN= "Riddled with buffer overflows exploitable by a malicious server to execute code as the local user." line in /usr/ports/www/lynx/Makefile and go for it. Next time you cvsup, it will re-protect you from lynx, but no big deal. AlanC [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: vvGv8XfanVpnfgN4JzcaVKAswMSRcu3D iQA/AwUBOONsmPcyv/gweBpYEQIDuwCg41DQ+Q1bFGxKp7iCHkhD+sZ4lVoAn1uh h/B+0OjTct+PIgs/oIz7C4jE =B/jD -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000330100248.L3459>