Request to review: print/texlive-install
Stephen Montgomery-Smith
stephen at missouri.edu
Mon May 28 14:12:08 UTC 2012
On 05/27/2012 09:19 PM, Eitan Adler wrote:
> On 27 May 2012 18:14, Stephen Montgomery-Smith<stephen at missouri.edu> wrote:
>> There are a number of issues. In particular there is no checksum calculated
>> for install-tl-unx.tar.gz because I suspect that it changes very often.
>
> This is a security risk and must not be committed as is.
How about if I add lines like this:
.if !defined(IGNORE_SECURITY_RISK)
IGNORE= has a security risk because it downloads a file \
without a checksum. Define IGNORE_SECURITY_RISK to build this port
.endif
Would it be considered OK to commit it then?
More information about the freebsd-ports
mailing list