ports vulnerabilities

Simon L. Nielsen simon at FreeBSD.org
Thu Nov 18 18:42:03 UTC 2004


On 2004.11.18 12:27:38 -0600, Kevin D. Kinsey, DaleCo, S.P. wrote:
> Dan Mahoney, System Admin wrote:
> 
> >I tried to install a port which had a conflict (ImageMagick)
> >but I didn't feel the vulnerability was significant enough to
> >warrant waiting for a new port to be created.  I looked in
> >the ports man page for an override environment variable,
> >but "vulnerability check" isn't even mentioned there. 
> >Could this please get stuck into the manpages?

First, the knob you are looking for is DISABLE_VULNERABILITIES, which
is not as nice at it sounds, since it just disables the check ;-).

> I'm cc-ing to doc@ ... we'll see if anyone wants to comment.
> [ Umm, yeah ... they're great guys, but busy.  We'll see....]

Good call, it's much more likely we will notice something when doc@
gets poked :-).

> You might also check with ports@ ... or just file a PR and
> see what comes of it.
> 
> It'l also quite possible that spending some time in the ports@
> list archives might turn up some of the info your're looking
> for....
> 
> Also, what manpage would you *expect* to see this information
> in?  You mention ports(7), but someone already thinks "this
> manpage is too long" ;-)

To start with the last part, see rc.conf(5) and you will see a long
manual page :-).  I think this belongs in ports(7).

Anyway, I actually added info about the DISABLE_VULNERABILITIES knob
to my local WIP tree a few weeks ago, I just haven't gotten around to
cleaning it up and committing it.  I will bump it a bit up on my TODO
list.

-- 
Simon L. Nielsen
FreeBSD Documentation Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20041118/551ad4fe/attachment.sig>


More information about the freebsd-doc mailing list