[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Miscellaneous things.

Is there logic in the makefiles to constrain builds based on desired
security levels?  Perhaps some sort of negative incentive whereby the
default security level excludes most ports unless you set a
"DESIRED_PORT_SEC_LEVEL" variable to a less constrained number could be
implemented.  This would require everyone installing the ports tree afresh
to at least pay attention to the issue. (Though arguably they wouldn't be
bothering to use OpenBSD unless they cared... you'd think.)


-----Original Message-----
From: owner-misc@openbsd.org [mailto:owner-misc@openbsd.org]On Behalf Of
Marc Espie
Sent: Friday, September 24, 1999 5:04 PM
To: misc@openbsd.org
Subject: Re: Miscellaneous things.

On Sat, Sep 25, 1999 at 02:37:39AM +0300, Toomas Kiisk wrote:
> N months ago somebody proposed adding X/Y/pkg/SECURITY file to
> ports/ tree. This was an excellent idea. If porter has made 0
> security checks, then at least package should be marked as such.

That was me.

There are 12 SECURITY files in the ports tree so far, out of 568 ports.

The rest has not been audited, or no one bothered to mention it.

	Marc Espie
|anime, sf, juggling, unicycle, acrobatics, comics...
|AmigaOS, OpenBSD, C++, perl, Icon, PostScript...
| `real programmers don't die, they just get out of beta'