Date: Mon, 28 Oct 2013 01:50:01 GMT From: Baptiste Daroussin <bapt@FreeBSD.org> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/183379: remove "security" check from b.*.m Message-ID: <201310280150.r9S1o1da062221@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/183379; it has been noted by GNATS. From: Baptiste Daroussin <bapt@FreeBSD.org> To: Eitan Adler <lists@eitanadler.com> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: ports/183379: remove "security" check from b.*.m Date: Mon, 28 Oct 2013 02:48:06 +0100 --8NvZYKFJsRX2Djef Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 28, 2013 at 12:51:18AM +0000, Eitan Adler wrote: >=20 > >Number: 183379 > >Category: ports > >Synopsis: remove "security" check from b.*.m > >Confidential: no > >Severity: non-critical > >Priority: low > >Responsible: freebsd-ports-bugs > >State: open > >Quarter: =20 > >Keywords: =20 > >Date-Required: > >Class: change-request > >Submitter-Id: current-users > >Arrival-Date: Mon Oct 28 01:00:00 UTC 2013 > >Closed-Date: > >Last-Modified: > >Originator: Eitan Adler > >Release: =20 > >Organization: > >Environment: > >Description: > The FreeBSD Ports system has a few checks on files to be installed. >=20 > These checks are not useful in any most cases and can be easily lost in t= he noise. >=20 > A) The notice is not shown for packages > B) Too many ports result in this notice resulting in it being ignored > C) It is lost in the middle for dependencies > D) Sometimes the 'insecure' functions are actually used security (pkg its= elf used to use mktemp) > E) World writable folders are not always a problem >=20 > and on. >=20 > If this functionality is desired it should probably be a plugin to pkg in= stead. >=20 > Please commit this: http://people.freebsd.org/~eadler/files/no-need-for-s= ecurity-check.diff >=20 > Discussed with: cperciva, jilles I totally agree: how ever the patch isn't totally correct, I discussed the details with Eita= n on irc so he should come back to that patch once the bsd.fpc.mk and bsd.php.mk= are properly fixed. if someone it missing those message then we can move part (not all anyway) = into qa.sh, but for now just drop it. regards, Bat --8NvZYKFJsRX2Djef Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlJtwlUACgkQ8kTtMUmk6EygQwCguBo8cXn9mtzRLIR5Ku26hc4X 9uMAoKk3wPTkfISsjASW+ZkOgWfZcNvQ =QEMw -----END PGP SIGNATURE----- --8NvZYKFJsRX2Djef--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201310280150.r9S1o1da062221>