From owner-freebsd-ports Thu Aug 17 9:42:12 2000 Delivered-To: freebsd-ports@freebsd.org Received: from alpha.simphost.com (alpha.simphost.com [216.84.199.194]) by hub.freebsd.org (Postfix) with ESMTP id 5E77237C1C5; Thu, 17 Aug 2000 09:42:02 -0700 (PDT) Received: by alpha.simphost.com (Postfix, from userid 1004) id CE3BA30720; Thu, 17 Aug 2000 10:42:20 -0600 (MDT) Received: from localhost (localhost [127.0.0.1]) by alpha.simphost.com (Postfix) with ESMTP id CAA142C90F; Thu, 17 Aug 2000 10:42:20 -0600 (MDT) Date: Thu, 17 Aug 2000 10:42:20 -0600 (MDT) From: "Jonathan M. Slivko" To: Maxim Sobolev Cc: Kris Kennaway , Sheldon Hearn , security@FreeBSD.org, ports@FreeBSD.org Subject: Re: Hilighting dangerous ports In-Reply-To: <399C11B1.B69DCDED@FreeBSD.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org heh, I agree with those notes totally :) But, I beleive that lynx-2.8.2ssl already has something like that. ---- Jonathan M. Slivko Technical Support: Simple Hosting Solutions Sys Administrator: BN Networks Network Sol. ID: JSR730 Looking for shells and hosting? check out http://www.simphost.com for great deals! ---- On Thu, 17 Aug 2000, Maxim Sobolev wrote: > Kris Kennaway wrote: > > > On Wed, 16 Aug 2000, Sheldon Hearn wrote: > > > > > > What does everyone think of the attached patch to bsd.port.mk, which > > > > hilights potentially insecure files installed by a port at install-time? > > > > > > I like the idea. It would be even more of an improvement over the > > > status quo if a solution for packages could be found. Many folks use > > > packages only and many more use packages mostly. :-) > > > > In principle it's a straightforward thing, since pkg_add also has the > > PLIST available - it's just slightly more difficult to write the > > equivalent in C than as a shell script. > > Good idea. Few notes, though: > 1. There should be the way to disable security notification, so user will have > chance to shoot himself in a foot if he wants to. > 2. You not necessary have to modify pkg_add to check securitry of the package > being installed. IMHO the much easier is to add appropriate logic into > bsd.port.mk, which would display security warnings *and* append its copy into > MESSAGE, so the user will see it during package install. > > Just my 2 cents. > > -Maxim > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message