ports installing "executable" libraries

Mikhail Teterin mi+kde at aldan.algebra.com
Wed Jun 9 02:29:32 GMT 2004


Some ports are installing libraries (and, possibly, other kinds of not
really executable files) with the x-bits on. The most recent one, I
noticed is ftp/curl:

	-rwxr-xr-x  1 root  wheel  205810 Jun  8 10:02 lib/libcurl.so.2

This results in a stern "security report":

      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.

Should this be considered a port's bug, or can the bsd.port.* take care
of automaticly removing the executable bits off anything, that is not an
executable (as per file(1), or per some other test)?


More information about the freebsd-ports mailing list