Date: Tue, 7 Aug 2007 08:56:39 -0500 From: "Scot Hetzel" <swhetzel@gmail.com> To: "Rakhesh Sasidharan" <rakhesh@rakhesh.com> Cc: freebsd-ports@freebsd.org Subject: Re: Building Pine with PASSFILE option Message-ID: <790a9fff0708070656j77bc1f82l6c267df10e65cdfc@mail.gmail.com> In-Reply-To: <20070807160649.Y22638@obelix.home.rakhesh.com> References: <20070807160649.Y22638@obelix.home.rakhesh.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/7/07, Rakhesh Sasidharan <rakhesh@rakhesh.com> wrote:
> I understand one can compile the email client Pine with an option
> PASSFILE=<some file name> to enable the option of saving your mail account
> passwords. The Pine website talks about it and so do many sites all over
> the net.
>
> FreeBSD's ports do not seem to offer such an option. I went through the
> Pine Makefile, however, and I see that the "EXTRA_OPTS" variable is what's
> used to compile Pine with extra configurable options.
>
> So my question is this: if I want to compile Pine from ports with this
> PASSFILE option, can I do something like the following in
> /usr/ports/mail/pine4?
>
> # make EXTRA_OPTS+=PASSFILE=.pine.pwd install
>
This won't work from the command line.
> I used the "+=" coz I got the got the impression that adds onto the
> existing extra options. And if I want to make this permanent, can I define
> it in /etc/make.conf accordingly?
>
> .if ${.CURDIR:M*/mail/pine4}
> EXTRA_OPTS+= PASSFILE=.pine.pwd
> .endif
>
But it will work from /etc/make.conf (using either "=" or "+="), as
long as you don't select LDAP support.
A better way to add support for PASSFILE, would be to add:
PASSFILE "Add support for a Pine Password File (DANGEROUS)" off
to the list of options, then add the following below .if
defined(WITH_IPV6) ... .endif:
.if defined(WITH_PASSFILE)
EXTRA_OPTS+= PASSFILE=.pine.pwd
.endif
You would then need to add a warning when this option is enabled, as
according to
doc/tech-notes.txt this option is dangerous:
PASSFILE
_WARNING!_ Turning this on is very dangerous and should
probably not be done, except on single user systems! For
:
_WARNING_! Use this feature with caution! It effectively makes
the user's mail no more secure than the physical security of
the machine running _Pine_. What's more, while the password is
cloaked by a mild (some might say, feeble) encryption scheme,
it is nonetheless sitting in a file on the disk and subject to
cracking by anyone with access to it. _BEWARE_!
After you make these changes and test them, submit the change using
send-pr for inclusion to the pine4 port. The maintainer will then
make the decision if this change is appropriate for the ports.
Scot
--
DISCLAIMER:
No electrons were mamed while sending this message. Only slightly bruised.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?790a9fff0708070656j77bc1f82l6c267df10e65cdfc>