Date: Thu, 17 Aug 2000 19:24:17 +0300 From: Maxim Sobolev <sobomax@FreeBSD.org> To: Kris Kennaway <kris@FreeBSD.org> Cc: Sheldon Hearn <sheldonh@uunet.co.za>, security@FreeBSD.org, ports@FreeBSD.org Subject: Re: Hilighting dangerous ports Message-ID: <399C11B1.B69DCDED@FreeBSD.org> References: <Pine.BSF.4.21.0008160202110.98185-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > On Wed, 16 Aug 2000, Sheldon Hearn wrote: > > > > What does everyone think of the attached patch to bsd.port.mk, which > > > hilights potentially insecure files installed by a port at install-time? > > > > I like the idea. It would be even more of an improvement over the > > status quo if a solution for packages could be found. Many folks use > > packages only and many more use packages mostly. :-) > > In principle it's a straightforward thing, since pkg_add also has the > PLIST available - it's just slightly more difficult to write the > equivalent in C than as a shell script. Good idea. Few notes, though: 1. There should be the way to disable security notification, so user will have chance to shoot himself in a foot if he wants to. 2. You not necessary have to modify pkg_add to check securitry of the package being installed. IMHO the much easier is to add appropriate logic into bsd.port.mk, which would display security warnings *and* append its copy into MESSAGE, so the user will see it during package install. Just my 2 cents. -Maxim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?399C11B1.B69DCDED>