Date: Fri, 4 Feb 2005 02:42:06 -0700 (MST) From: Mike Brown <mike@skew.org> To: freebsd-ports@freebsd.org Subject: variable data in pkg-message? Message-ID: <200502040942.j149g60T079093@chilled.skew.org>
next in thread | raw e-mail | index | archive | help
security-check.awk cannot reasonably be expected to figure out that a Python
script that gets installed by my port is a daemon that imports another module
in order to get a class that, when instantiated and a certain method is called,
uses Python's socket.socket() to create servers.
Therefore, post-install, I have a need to print my own security warning, like
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
%%FOO%%/mydaemond
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
I need to substitute %%FOO%% with ${BINDIR} in order to have the right path
appear in the message. I can do this easily in my port's Makefile, which will
be fine for people installing the port. But I don't think it's possible to do
this for the people installing the package, because pkg-message is just going
to be displayed as-is.
What should be done?
Thanks :)
Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502040942.j149g60T079093>