portaudit
Miroslav Lachman
000.fbsd at quip.cz
Mon Oct 23 09:11:12 UTC 2006
Yoshihiro Ota wrote:
[...]
> Hello.
>
> What are other ways?
> I want to see vulnerable message but still want to install
> without portupgrade being interrupted.
>
> According to /usr/ports/Mk/bsd.port.mk, DISABLE_VULNERABILITIES=yes
> disables vulnerable check, don't it?
Yes, it disable vulnerability check at all and you will not see any
vulnerable message.
Some vulnerable ports are also marked as FORBIDDEN in Makefile. If you
want to install this port, you must comment out this line and use
DISABLE_VULNERABILITIES=yes (eg awstats port)
I do not know any way to transparently install vulnerable port with
vulnerable message withou portupgrade interruption.
I do not see any problem in actual behaviour, if some port is
vulnerable, portupgrade / portinstall gives me the message, I can search
the web for vulnerability details and if I think I can use this port
anyway, I can run portupgrade / portinstall again with -m
"DISABLE_VULNERABILITIES=yes".
Miroslav Lachman
More information about the freebsd-stable
mailing list