On Thu, Aug 31, 2006 at 06:15:18PM +0400, Andrew Pantyukhin wrote: > Under no circumstances should a port install world-writable > files or directories. In most cases this opens the system to all > kinds of attacks. A simple grep brings the following list of > makefiles to attention. I imagine that samba ports are > somehow justified, as for the other ones, I hope secteam and > committers will do something about them.
The install process will warn about this (as well as group writable), so you can also grep for the warning message in the pointyhat logs. Kris
pgpRgRzSlUaIf.pgp
Description: PGP signature
