ports installing "executable" libraries
mi+kde at aldan.algebra.com
Wed Jun 9 02:29:32 GMT 2004
Some ports are installing libraries (and, possibly, other kinds of not
really executable files) with the x-bits on. The most recent one, I
noticed is ftp/curl:
-rwxr-xr-x 1 root wheel 205810 Jun 8 10:02 lib/libcurl.so.2
This results in a stern "security report":
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
Should this be considered a port's bug, or can the bsd.port.* take care
of automaticly removing the executable bits off anything, that is not an
executable (as per file(1), or per some other test)?
More information about the freebsd-ports