Date: Thu, 30 Mar 2000 10:02:48 -0500 From: Alan Clegg <abc@firehouse.net> To: tyson@stanfordalumni.org Cc: freebsd-questions@freebsd.org Subject: Re: Lynx forbidden Message-ID: <20000330100248.L3459@laptop.firehouse.net> In-Reply-To: <200003301452.JAA08782@radagast.wizard.net>; from tyson@stanfordalumni.org on Thu, Mar 30, 2000 at 09:52:12AM -0500 References: <200003301452.JAA08782@radagast.wizard.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--L/bWm/e7/ricERqM Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Out of the ether, tyson@stanfordalumni.org spewed forth the following bitst= ream: > I must be missing something obvious here. The LYNX port is > marked ``forbidden'' because of its vulnerability to > buffer overflow exploits; we have seen the security > advisory, and the port's make file refuses to build. [...] > It seems to me that the better course would be to allow > those who wish to go ahead and install it and take their=20 > chances. You can. Just comment out the: FORBIDDEN=3D "Riddled with buffer overflows exploitable by a malicious= server to execute code as the local user." line in /usr/ports/www/lynx/Makefile and go for it. Next time you cvsup, it will re-protect you from lynx, but no big deal. AlanC --L/bWm/e7/ricERqM Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: vvGv8XfanVpnfgN4JzcaVKAswMSRcu3D iQA/AwUBOONsmPcyv/gweBpYEQIDuwCg41DQ+Q1bFGxKp7iCHkhD+sZ4lVoAn1uh h/B+0OjTct+PIgs/oIz7C4jE =B/jD -----END PGP SIGNATURE----- --L/bWm/e7/ricERqM-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000330100248.L3459>