Request to review: print/texlive-install
Chris Rees
utisoft at gmail.com
Mon May 28 16:37:16 UTC 2012
On May 28, 2012 5:23 PM, "Stephen Montgomery-Smith" <stephen at missouri.edu>
wrote:
>
> On 05/28/2012 10:47 AM, Michael Scheidell wrote:
>>
>>
>>
>> On 5/28/12 10:11 AM, Stephen Montgomery-Smith wrote:
>>>
>>>
>>> How about if I add lines like this:
>>>
>>> .if !defined(IGNORE_SECURITY_RISK)
>>> IGNORE= has a security risk because it downloads a file \
>>> without a checksum. Define IGNORE_SECURITY_RISK to build this port
>>> .endif
>>>
>>> Would it be considered OK to commit it then?
>>
>> could you host it somewhere that won't go away at missouri.edu?
>>
>
>
> I could host it somewhere at missouri.edu that will stay as long as I am
alive or keep my job.
>
The main problem is the fetching of random files during build-- that is an
issue faced by many ports.
This is not generally allowed to happen, since these files are not verified
either. What needs to happen is for the port to fetch all necessary files
in the do-fetch stage.
Unfortunately this makes it more complicated, but otherwise our users are
simply better off fetching and installing the files themselves; the port
makes it no easier.
Chris
More information about the freebsd-ports
mailing list