On 12/05/2013 08:11, Matthew Seaman wrote: > On 11/05/2013 22:15, RW wrote: >> FWIW I fetch files like this: >> >> >> for porg in `pkg version -Iol'<' |awk '{ print $1 }'` ; do >> echo "Checking - ${porg}" >> cd /usr/ports/${porg} >> make checksum || ( >> export RANDOMIZE_MASTER_SITES=yes >> make distclean >> make checksum >> ) >> done >> >> I do it that way because it avoids a lot of problems with rerolled >> files, but it would help with this problem too. > > I'm sorry, but this is a really bad idea and an irresponsible thing to > advise anyone else to do. You're throwing away all the security > benefits of using checksums, which are essentially that you can tell if > anyone has tampered with the distfiles you intend to compile. > > If you don't understand why that matters, then try reading this: > > http://slashdot.org/comments.pl?sid=37188&cid=3991288 > http://www.mavetju.org/unix/openssh-trojan.php
Damn. I'm sorry. I misread your code. It's perfectly fine. I apologise unreservedly for my earlier message. Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey
signature.asc
Description: OpenPGP digital signature