Date: Thu, 21 Jan 2010 03:47:49 +0100 From: "Julian H. Stacey" <jhs@berklix.com> To: ports@freebsd.org Subject: Suggestion: A new variable for a few Makefiles: IS_BINARY Message-ID: <201001210247.o0L2lno8035853@fire.js.berklix.net>
next in thread | raw e-mail | index | archive | help
Hi ports@ people, Suggestion: A new variable for a few ports Makefiles, eg /usr/ports/www/opera/Makefile BINARY="To install binaries lacking sources, use RISK_BINARIES=YES" to over-ride it one would use eg cd /usr/ports ; make RISK_BINARIES=YES install It could work similarly to IS_INTERACTIVE=YES in Makefiles that make BATCH=YES detects (to avoid unattended builds hanging on input). ports/Mk. has NO_BUILD, thats not the same thingm but good for a first quick hints where to add BINARY= in a few Makefile. One can see untrusted binaries with make extract ; find . -type f | sort | xargs file Look for eg: ELF 64-bit LSB shared object, ... It's too easy to install BLOBs without realising, eg if one has a hierarchy of ports/*/Makefile.local. The only warning at present is a few ports eg opera make too fast. Some may not don't mind installing binaries from elsewhere, but FreeSBD could protect more, not just allow MickeySoft style blind installs of unsourced binaries. Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text not quoted-printable, HTML or Base64 http://www.asciiribbon.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201001210247.o0L2lno8035853>