Matt Emmerton wrote:
Hello List,
Portuadit telles my about the "open_basedir Race Condition
Vulnerability", OK.
By reading the advisory on
http://www.hardened-php.net/advisory_082006.132.html I can safely say
this does not apply to our environment, we don't use open_basedir or
safe_mode and Suhosin is planned anyway (after test).
[...]
So what to do now?
You've established that the security issue doesn't apply to your
environment.
1) Add "DISABLE_VULNERABILITIES=yes" to /etc/make.conf
2) Run "portupgrade -u" or "make install clean"
By doing this you have disabled vulnerability checking for *all* ports
which seems a little extreme. Either add the flag to pkgtools.conf (for
portupgrade (and portmanager?)) or use it from the command line with make.
--Alex
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
