From owner-svn-ports-head@FreeBSD.ORG Mon Oct 21 06:47:09 2013 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B78E01EB; Mon, 21 Oct 2013 06:47:09 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: from mail-wg0-x235.google.com (mail-wg0-x235.google.com [IPv6:2a00:1450:400c:c00::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B0FC12E7D; Mon, 21 Oct 2013 06:47:08 +0000 (UTC) Received: by mail-wg0-f53.google.com with SMTP id y10so6215804wgg.32 for ; Sun, 20 Oct 2013 23:47:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=rXs6RLvEFbhnBGCytNp53vzVjCTwWP/urDfvw00VpWA=; b=xBjXCxZYrSPbffpRpzEswF0m6g9cW2HciJTUlkRzi40wNem0twTftt8G5tK6332RFB vpmqs1080CtHskAc+M7yG9JVEN8c7jnTWpZK5dajQ9WFYm3+ANecUbGcdljepZNKK7EO AISw5G3SBb1reMNGR0kd/wku9wBx9VGIG0bK8aQgLdyt0GFfaOZlWA85kU6e0+OWFUgF exnqNkso24QovUSPHnr0tbuAQketUSOs49XAkbdzAUSoF0GTzYAK7ODRGtq/1qkJDvap bN3ljqcXTA3oilhu3amjbJ3N07egzmTDJO2CwcNsRyDcJzVhOhJ9/mlIVZQJPUVdw1wv Gx0A== X-Received: by 10.180.189.132 with SMTP id gi4mr8489006wic.19.1382338027051; Sun, 20 Oct 2013 23:47:07 -0700 (PDT) Received: from ithaqua.etoilebsd.net (ithaqua.etoilebsd.net. [37.59.37.188]) by mx.google.com with ESMTPSA id ma3sm28946227wic.1.2013.10.20.23.47.05 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Sun, 20 Oct 2013 23:47:06 -0700 (PDT) Sender: Baptiste Daroussin Date: Mon, 21 Oct 2013 08:47:04 +0200 From: Baptiste Daroussin To: Eitan Adler Subject: Re: svn commit: r331046 - head/Mk/Scripts Message-ID: <20131021064704.GA29510@ithaqua.etoilebsd.net> References: <201310201812.r9KICnwq080041@svn.freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="wac7ysb48OaltWcw" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Cc: "svn-ports-head@freebsd.org" , "svn-ports-all@freebsd.org" , "ports-committers@freebsd.org" , Alex Kozlov X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Oct 2013 06:47:09 -0000 --wac7ysb48OaltWcw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Oct 20, 2013 at 03:01:38PM -0400, Eitan Adler wrote: > On Sun, Oct 20, 2013 at 2:12 PM, Alex Kozlov wrote: > > Author: ak > > Date: Sun Oct 20 18:12:49 2013 > > New Revision: 331046 > > URL: http://svnweb.freebsd.org/changeset/ports/331046 > > > > Log: > > - Add check for suid files and directories >=20 > Can you please add an in-port variable to disable this (NEEDS_SUID / > NEEDS_ROOT) or remove this check? >=20 > Warnings which may be ignored are not very useful. >=20 I do not think this is really a good way. First NEED_ROOT is a temporary kn= ob and should die as soon a possible as everything should be doable as a user. Second, SUID should remain rare enough so that people are not bothered by t= his warning all the time, but only a few time when they know it is useful, mean= ing they only have to ignore it when they know about. No port maintainer at all should be "discovering" that there are setuid fil= es in his packages so all of them should expect that warning. Alex: no need to change anything. regards, Bapt --wac7ysb48OaltWcw Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlJkzegACgkQ8kTtMUmk6EwpnwCeM8Q6lcWO/v0rMz7PA6is7vXl 14sAoLQZOV3ElO92J0J3dNE5B65VtMqX =o+Rn -----END PGP SIGNATURE----- --wac7ysb48OaltWcw--