View | Details | Raw Unified | Return to bug 49969
Collapse All | Expand All

(-)bsd.port.mk (-4 / +13 lines)
Lines 2912-2922 Link Here
2912 
#   2.  accept()/recvfrom() which indicates network listening capability
 2912 
#   2.  accept()/recvfrom() which indicates network listening capability
2913 
#   3.  insecure functions (gets/mktemp/tempnam/[XXX])
 2913 
#   3.  insecure functions (gets/mktemp/tempnam/[XXX])
2914 
#   4.  startup scripts, in conjunction with 2.
 2914 
#   4.  startup scripts, in conjunction with 2.
2915 
#
 2915 
#   5.  world-writable files/dirs
2916 
#  TODO:  world-writable files/dirs
2917 
#
 2916 
#
2918 
	-@rm -f ${WRKDIR}/.PLIST.setuid ${WRKDIR}/.PLIST.stupid \
 2917 
	-@rm -f ${WRKDIR}/.PLIST.setuid ${WRKDIR}/.PLIST.stupid \
2919 
		${WRKDIR}/.PLIST.network; \
 2918 
		${WRKDIR}/.PLIST.network ${WRKDIR}/.PLIST.writable; \
2920 
	if [ -n "$$PORTS_AUDIT" ]; then \
 2919 
	if [ -n "$$PORTS_AUDIT" ]; then \
2921 
		stupid_functions_regexp=' (gets|mktemp|tempnam|tmpnam|strcpy|strcat|sprintf)$$'; \
 2920 
		stupid_functions_regexp=' (gets|mktemp|tempnam|tmpnam|strcpy|strcat|sprintf)$$'; \
2922 
	else \
 2921 
	else \
Lines 2950-2958 Link Here
2950 
				fi; \
 2949 
				fi; \
2951 
			fi; \
 2950 
			fi; \
2952 
		fi; \
 2951 
		fi; \
2952 
		if [ ! -L "${PREFIX}/$$i" ]; then \
2953 
			if [ -n "`/usr/bin/find ${PREFIX}/$$i -prune -perm -0002 2>/dev/null`" ]; then \
2954 
				 echo ${PREFIX}/$$i >> ${WRKDIR}/.PLIST.writable; \
2955 
			fi; \
2956 
		fi; \
2953 
	done; \
 2957 
	done; \
2954 
	${GREP} '^etc/rc.d/' ${TMPPLIST} > ${WRKDIR}/.PLIST.startup; \
 2958 
	${GREP} '^etc/rc.d/' ${TMPPLIST} > ${WRKDIR}/.PLIST.startup; \
2955 
	if [ -s ${WRKDIR}/.PLIST.setuid -o -s ${WRKDIR}/.PLIST.network ]; then \
 2959 
	if [ -s ${WRKDIR}/.PLIST.setuid -o -s ${WRKDIR}/.PLIST.network -o -s ${WRKDIR}/.PLIST.writable ]; then \
2956 
		if [ -n "$$PORTS_AUDIT" ]; then \
 2960 
		if [ -n "$$PORTS_AUDIT" ]; then \
2957 
			echo "===>  SECURITY REPORT (PARANOID MODE): "; \
 2961 
			echo "===>  SECURITY REPORT (PARANOID MODE): "; \
2958 
		else \
 2962 
		else \
Lines 2976-2981 Link Here
2976 
				echo; \
 2980 
				echo; \
2977 
			fi; \
 2981 
			fi; \
2978 
		fi; \
 2982 
		fi; \
2983 
		if [ -s ${WRKDIR}/.PLIST.writable ] ; then \
2984 
			echo "      This port has installed the following world-writable files/directories."; \
2985 
			${CAT} ${WRKDIR}/.PLIST.writable; \
2986 
			echo; \
2987 
		fi; \
2979 
		echo "      If there are vulnerabilities in these programs there may be a security"; \
 2988 
		echo "      If there are vulnerabilities in these programs there may be a security"; \
2980 
		echo "      risk to the system. FreeBSD makes no guarantee about the security of"; \
 2989 
		echo "      risk to the system. FreeBSD makes no guarantee about the security of"; \
2981 
		echo "      ports included in the Ports Collection. Please type 'make deinstall'"; \
 2990 
		echo "      ports included in the Ports Collection. Please type 'make deinstall'"; \

Return to bug 49969