-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06.10.2006 11:26, * Alex Zbyslaw wrote: > Matt Emmerton wrote: > >>> Hello List, >>> >>> Portuadit telles my about the "open_basedir Race Condition >>> Vulnerability", OK. >>> >>> By reading the advisory on >>> http://www.hardened-php.net/advisory_082006.132.html I can safely say >>> this does not apply to our environment, we don't use open_basedir or >>> safe_mode and Suhosin is planned anyway (after test). >>> >>> [...] >>> So what to do now? >>> >> >> You've established that the security issue doesn't apply to your >> environment. >> >> 1) Add "DISABLE_VULNERABILITIES=yes" to /etc/make.conf >> 2) Run "portupgrade -u" or "make install clean" >> >> >> > By doing this you have disabled vulnerability checking for *all* ports > which seems a little extreme. Either add the flag to pkgtools.conf (for > portupgrade (and portmanager?)) or use it from the command line with make. > > --Alex
Thanks for the advice, as matter of fact this came to my mind too, so I actually did in make.conf was: ... # PHP 5 Port installation options .if${.CURDIR:M*/lang/php5*} DISABLE_VULNERABILITIES=yes .endif ... Greetings -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFJwQmV5MZZmyxvGgRAsdoAKDdHsfC89K70PjrIYFMT7aUiLH2RgCgktA5 1DP/pLzWaI35xOtzc0RwVd0= =RqSa -----END PGP SIGNATURE----- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"