ports security (was: fetch extension - use local filename from content-disposition header)

Eygene A. Ryabinkin freebsd at rea.mbslab.kiae.ru
Fri Dec 30 02:35:14 PST 2005

> I don't remember seeing it discussed.  Fetching as a non-privileged
> user seems like a really good idea to me.  Building as non-root would
> be nice, but doesn't really buy you much security wise (and will
> possibly break at least some programs that makes silly assumptions
> about build as root).
 OK, I'll try to play with the build system and portupgrade to add such
functionality. Do not promise that it will be done quickly, but someday
it will.

> Note that both of these features are somewhat paranoid security
> features, and the risk of getting compromised by either is much
> smaller than getting compromised by some other much more simple
> vulnerability.
 Sure. As much in the security field this is paranoid.

 Happy New Year!

BOFH excuse #147:
Party-bug in the Aloha protocol

More information about the freebsd-current mailing list