Date: Fri, 28 Jan 2000 17:34:36 +0900 From: Masafumi NAKANE <max@wide.ad.jp> To: kris@hub.freebsd.org Cc: serg@dor.zaural.ru, freebsd-security@FreeBSD.org, freebsd-bugs@FreeBSD.org Subject: Re: delegate buffer overflow (ports) Message-ID: <877lgufvc3.wl@fr.aslm.rim.or.jp> In-Reply-To: In your message of "Fri, 28 Jan 2000 00:07:52 -0800 (PST)" <Pine.BSF.4.21.0001280006430.12504-100000@hub.freebsd.org> References: <200001280739.MAA02652@dor.zaural.ru> <Pine.BSF.4.21.0001280006430.12504-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I don't personally think it is too good idea to mark any ports broken/forbidden because of the security problem since they still are good in dialup home environment, which I assume there are many users of. Instead, I will make this port to ask the user if he/she really wants to continue the installation with the security information at ``pkg_add'', ``make pre-fetch'' and ``make install'' times. This still makes it possible to install the port without answering to the question when ${BATCH} is set, but that's usually only set in package building times. Cheers, Max At Fri, 28 Jan 2000 00:07:52 -0800 (PST), Kris Kennaway <kris@hub.freebsd.org> wrote: > Thanks for pointing it out..I'll look into this tomorrow and probably mark > it FORBIDDEN (BROKEN won't be enough to stop the package building, since > bento will try it anyway and notice it actually compiles :-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?877lgufvc3.wl>