Date: Mon, 28 Oct 2013 00:51:18 GMT From: Eitan Adler <lists@eitanadler.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/183379: remove "security" check from b.*.m Message-ID: <201310280051.r9S0pIQP045566@oldred.freebsd.org> Resent-Message-ID: <201310280100.r9S100jM050200@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 183379 >Category: ports >Synopsis: remove "security" check from b.*.m >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Oct 28 01:00:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Eitan Adler >Release: >Organization: >Environment: >Description: The FreeBSD Ports system has a few checks on files to be installed. These checks are not useful in any most cases and can be easily lost in the noise. A) The notice is not shown for packages B) Too many ports result in this notice resulting in it being ignored C) It is lost in the middle for dependencies D) Sometimes the 'insecure' functions are actually used security (pkg itself used to use mktemp) E) World writable folders are not always a problem and on. If this functionality is desired it should probably be a plugin to pkg instead. Please commit this: http://people.freebsd.org/~eadler/files/no-need-for-security-check.diff Discussed with: cperciva, jilles >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201310280051.r9S0pIQP045566>