|Summary:||[bsd.port.mk] remove "security" check from b.*.m|
|Product:||Ports & Packages||Reporter:||Eitan Adler <eadler>|
|Component:||Ports Framework||Assignee:||Port Management Team <portmgr>|
|Status:||Closed Not Accepted|
|Severity:||Affects Only Me||CC:||delphij|
Description Eitan Adler 2013-10-28 01:00:00 UTC
The FreeBSD Ports system has a few checks on files to be installed. These checks are not useful in any most cases and can be easily lost in the noise. A) The notice is not shown for packages B) Too many ports result in this notice resulting in it being ignored C) It is lost in the middle for dependencies D) Sometimes the 'insecure' functions are actually used security (pkg itself used to use mktemp) E) World writable folders are not always a problem and on. If this functionality is desired it should probably be a plugin to pkg instead. Please commit this: http://people.freebsd.org/~eadler/files/no-need-for-security-check.diff Discussed with: cperciva, jilles
Comment 1 Baptiste Daroussin 2013-10-28 01:48:06 UTC
I totally agree: how ever the patch isn't totally correct, I discussed the details with Eitan on irc so he should come back to that patch once the bsd.fpc.mk and bsd.php.mk are properly fixed. if someone it missing those message then we can move part (not all anyway) into qa.sh, but for now just drop it. regards, Bat
Comment 2 Mark Linimon 2013-10-28 03:59:34 UTC
Responsible Changed From-To: freebsd-ports-bugs->portmgr Fix synopsis and assign.
Comment 3 Bryan Drewery 2013-10-28 13:12:12 UTC
I think we should have replacements in place before removing this. I find these notices useful, even if not well implemented currently. -- Regards, Bryan Drewery
Comment 4 Mark Linimon 2014-06-02 01:58:58 UTC
Comment 5 Xin LI 2015-06-01 07:38:14 UTC
Ping? Is this still being worked on?
Comment 6 Baptiste Daroussin 2019-09-04 14:53:35 UTC
Given the lack on interested in the last 4 years for this port, I will close it.