On 9/1/06, Kris Kennaway <[EMAIL PROTECTED]> wrote:
On Thu, Aug 31, 2006 at 10:19:24AM -0400, Kris Kennaway wrote:
> On Thu, Aug 31, 2006 at 06:15:18PM +0400, Andrew Pantyukhin wrote:
> > Under no circumstances should a port install world-writable
> > files or directories. In most cases this opens the system to all
> > kinds of attacks. A simple grep brings the following list of
> > makefiles to attention. I imagine that samba ports are
> > somehow justified, as for the other ones, I hope secteam and
> > committers will do something about them.
>
> The install process will warn about this (as well as group writable),
> so you can also grep for the warning message in the pointyhat logs.
Here's the list of world-writable from the last i386 6.x build:
Thanks, Kris! I'll be working on patches for some of them
this weekend.
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
