Date: Thu, 17 Aug 2000 10:42:20 -0600 (MDT) From: "Jonathan M. Slivko" <jmslivko@simphost.com> To: Maxim Sobolev <sobomax@FreeBSD.org> Cc: Kris Kennaway <kris@FreeBSD.org>, Sheldon Hearn <sheldonh@uunet.co.za>, security@FreeBSD.org, ports@FreeBSD.org Subject: Re: Hilighting dangerous ports Message-ID: <Pine.BSF.4.21.0008171041560.70332-100000@alpha.simphost.com> In-Reply-To: <399C11B1.B69DCDED@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
heh, I agree with those notes totally :) But, I beleive that lynx-2.8.2ssl already has something like that. ---- Jonathan M. Slivko <jmslivko@simphost.com> Technical Support: Simple Hosting Solutions Sys Administrator: BN Networks Network Sol. ID: JSR730 Looking for shells and hosting? check out http://www.simphost.com for great deals! ---- On Thu, 17 Aug 2000, Maxim Sobolev wrote: > Kris Kennaway wrote: > > > On Wed, 16 Aug 2000, Sheldon Hearn wrote: > > > > > > What does everyone think of the attached patch to bsd.port.mk, which > > > > hilights potentially insecure files installed by a port at install-time? > > > > > > I like the idea. It would be even more of an improvement over the > > > status quo if a solution for packages could be found. Many folks use > > > packages only and many more use packages mostly. :-) > > > > In principle it's a straightforward thing, since pkg_add also has the > > PLIST available - it's just slightly more difficult to write the > > equivalent in C than as a shell script. > > Good idea. Few notes, though: > 1. There should be the way to disable security notification, so user will have > chance to shoot himself in a foot if he wants to. > 2. You not necessary have to modify pkg_add to check securitry of the package > being installed. IMHO the much easier is to add appropriate logic into > bsd.port.mk, which would display security warnings *and* append its copy into > MESSAGE, so the user will see it during package install. > > Just my 2 cents. > > -Maxim > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008171041560.70332-100000>