fetch extension - use local filename from content-disposition header

Dag-Erling Smørgrav des at des.no
Fri Dec 30 01:11:26 PST 2005

Ádám Szilveszter <adamsz at mailpont.hu> writes:
> You know, there are much bigger problems than that. For example the fact,
> that any vulnerability in fetch(1) or libfetch(3) is a remote root
> compromise candidate on FreeBSD, because the Ports system still insists on
> running it as root by default downloading distfiles from unchecked amd
> potentially unsecure servers all over the Internet.

Wrong.  If you go into a ports directory and type 'make install clean'
as an unprivileged user, the only parts of the build that actually run
with root privileges are the final portions of the installation

Dag-Erling Smørgrav - des at des.no

More information about the freebsd-current mailing list