On May 28, 2012 5:23 PM, "Stephen Montgomery-Smith" <step...@missouri.edu> wrote: > > On 05/28/2012 10:47 AM, Michael Scheidell wrote: >> >> >> >> On 5/28/12 10:11 AM, Stephen Montgomery-Smith wrote: >>> >>> >>> How about if I add lines like this: >>> >>> .if !defined(IGNORE_SECURITY_RISK) >>> IGNORE= has a security risk because it downloads a file \ >>> without a checksum. Define IGNORE_SECURITY_RISK to build this port >>> .endif >>> >>> Would it be considered OK to commit it then? >> >> could you host it somewhere that won't go away at missouri.edu? >> > > > I could host it somewhere at missouri.edu that will stay as long as I am alive or keep my job. >
The main problem is the fetching of random files during build-- that is an issue faced by many ports. This is not generally allowed to happen, since these files are not verified either. What needs to happen is for the port to fetch all necessary files in the do-fetch stage. Unfortunately this makes it more complicated, but otherwise our users are simply better off fetching and installing the files themselves; the port makes it no easier. Chris _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
