variable data in pkg-message?
Florent Thoumie
flz at xbsd.org
Fri Feb 4 02:20:06 PST 2005
Mike Brown wrote:
> security-check.awk cannot reasonably be expected to figure out that a Python
> script that gets installed by my port is a daemon that imports another module
> in order to get a class that, when instantiated and a certain method is called,
> uses Python's socket.socket() to create servers.
>
> Therefore, post-install, I have a need to print my own security warning, like
>
> ===> SECURITY REPORT:
> This port has installed the following files which may act as network
> servers and may therefore pose a remote security risk to the system.
>
> %%FOO%%/mydaemond
>
> If there are vulnerabilities in these programs there may be a security
> risk to the system. FreeBSD makes no guarantee about the security of
> ports included in the Ports Collection. Please type 'make deinstall'
> to deinstall the port if this is a concern.
>
> I need to substitute %%FOO%% with ${BINDIR} in order to have the right path
> appear in the message. I can do this easily in my port's Makefile, which will
> be fine for people installing the port. But I don't think it's possible to do
> this for the people installing the package, because pkg-message is just going
> to be displayed as-is.
>
> What should be done?
Look at SUB_{FILES,LIST} (eg. net/bnbt).
I've submitted a PH update to explain how to use it [1].
[1] http://www.freebsd.org/cgi/query-pr.cgi?pr=docs/76688
--
Florent Thoumie
flz at xbsd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20050204/a9febe7f/signature.bin
More information about the freebsd-ports
mailing list