On Tue, Jul 29, 2008 at 11:20 AM, macintoshzoom <[EMAIL PROTECTED]> wrote: > Updating to current I got this on many packages when pkg_add -v -i -u > with PKG_PATH=xxx/snapshot/xxx : > > e.g.: New package libglade2-2.6.2p1 contains potentially unsafe operations > @exec /usr/local/share/libxml2/rebuild > proceed? > > Q1- Do I have to say yes to all? > It seems that if I say not many packages will not upgrade, the whole > system may have dependency problems ...? > > Q2- What kind of dangers give those "potentially unsafe operations", > highly critical, less critical? > > Q3- Did any of you got any security problems when said Q1 all yes? > > Q4- If there is no real dangers, why OpenBSD afraid us with those warnings? > I can't sleep well anymore after saying yes to all those "unsafe" warnings. >
I might be wrong about this, but I'm pretty sure the "potentially unsafe" refers to the "@exec" and not the " /usr/local/share/libxml2/rebuild". It's just warning you that the package is calling external scripts, and making sure you know that before you let it happen. So long as you got the packages from a trusted source you should be fine. You could always go read the files that it is @exec'ing and see what they are doing just to be really paranoid. -Nick _______________________________________________ Openbsd-newbies mailing list [email protected] http://mailman.theapt.org/listinfo/openbsd-newbies
