Re: cvs commit: ports/multimedia/xine Makefile

• Previous message: Michael Nottebrock: "Re: cvs commit: ports/multimedia/xine Makefile"
• In reply to: Michael Nottebrock: "Re: cvs commit: ports/multimedia/xine Makefile"
• Next in thread: Joe Marcus Clarke: "Re: cvs commit: ports/multimedia/xine Makefile"
• Reply: Joe Marcus Clarke: "Re: cvs commit: ports/multimedia/xine Makefile"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 30 Mar 2004 11:13:12 +0200
To: Michael Nottebrock <michaelnottebrock@gmx.net>

Michael Nottebrock wrote:

> [...]
> However, it seems to me that marking ports FORBIDDEN for security
> reasons is more or less obsoleted (and made redundant) by
> portaudit/VuXML and committers having to hand-scan VuXML for updates and
> mark ports FORBIDDEN by hand just seems like duplicated (and
> error-prone) work... so maybe it's time to to away with marking ports
> FORBIDDEN for security reasons completely?

I think portmgr@ is the authority here. CC'ed.

> Also, what eik says about integrating portaudit into sysinstall (does
> this imply moving portaudit into the base-system at some point?) sounds
> very good to me, but I still don't like security-by-default schemes
> which can't be disabled by flipping a switch. FORBIDDEN ports are an
> example for this, forcing users to hand-edit a port Makefile in order to
> make it buildable (especially when the security issue is really minor or
> I'm not even affected) is just a tad too BOFH-ish for my taste.

Just build the port with NO_IGNORE=yes. To disable portaudit use
DISABLE_VULNERABILITIES=yes. A common namespace would be a good thing here,
I guess. There is currently no way to turn of warnings selectively (like
`read and understood'), I don't know if this would be useful.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Michael Nottebrock: "Re: cvs commit: ports/multimedia/xine Makefile"
• In reply to: Michael Nottebrock: "Re: cvs commit: ports/multimedia/xine Makefile"
• Next in thread: Joe Marcus Clarke: "Re: cvs commit: ports/multimedia/xine Makefile"
• Reply: Joe Marcus Clarke: "Re: cvs commit: ports/multimedia/xine Makefile"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages OT: What will he do next? ... That was National Security. ... President Bush said Tuesday that a deal allowing an Arab company to take ... Senate Republican Leader Bill Frist urged the administration to ... Ports World, a state-owned business in the United Arab Emirates. ... (comp.sys.hp.mpe) Re: Political Analysis of Security Products ... > bee collected nor has any evidence of such a backdoor ever really been ... send several packets to ports on the target system. ... be used for booth sides of the security game. ... (Pen-Test) Re: Finally, a secure computer ... paranoia in the security aspects of IIS administration. ... security at the IBM website is compromised, ... I ran a port check on 10,000 plus ports (I ... > trouble downloading updates [I'm not sure about AVG pro, ... (microsoft.public.inetserver.iis.security) Re: Port security, continued ... CITING NATIONAL SECURITY, ... WASHINGTON - PRESIDENT BUSH WAS UNAWARE OF THE PENDING SALE ... THE WHITE HOUSE SAID WEDNESDAY. ... EMERGENCY LEGISLATION TO SUSPEND THE PORTS DEAL. ... (sci.med.transcription) Re: How you can help ... pleased to have you here as I sign a bill that will help protect the ... American people and our ports. ... Homeland Security, Michael Chertoff, for his service to the country. ... appreciate that Senate Majority Leader Bill Frist has joined us. ... (rec.gambling.poker)