Date: Fri, 28 Jan 2000 17:34:36 +0900 From: Masafumi NAKANE <max@wide.ad.jp> To: kris@hub.freebsd.org Cc: serg@dor.zaural.ru, freebsd-security@FreeBSD.org, freebsd-bugs@FreeBSD.org Subject: Re: delegate buffer overflow (ports) Message-ID: <877lgufvc3.wl@fr.aslm.rim.or.jp> In-Reply-To: In your message of "Fri, 28 Jan 2000 00:07:52 -0800 (PST)" <Pine.BSF.4.21.0001280006430.12504-100000@hub.freebsd.org> References: <200001280739.MAA02652@dor.zaural.ru> <Pine.BSF.4.21.0001280006430.12504-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
I don't personally think it is too good idea to mark any ports
broken/forbidden because of the security problem since they still are
good in dialup home environment, which I assume there are many users
of.
Instead, I will make this port to ask the user if he/she really wants
to continue the installation with the security information at
``pkg_add'', ``make pre-fetch'' and ``make install'' times. This
still makes it possible to install the port without answering to the
question when ${BATCH} is set, but that's usually only set in package
building times.
Cheers,
Max
At Fri, 28 Jan 2000 00:07:52 -0800 (PST),
Kris Kennaway <kris@hub.freebsd.org> wrote:
> Thanks for pointing it out..I'll look into this tomorrow and probably mark
> it FORBIDDEN (BROKEN won't be enough to stop the package building, since
> bento will try it anyway and notice it actually compiles :-)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?877lgufvc3.wl>