From owner-freebsd-ports@FreeBSD.ORG  Mon May 28 14:12:08 2012
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id DD2C3106564A
	for <freebsd-ports@freebsd.org>; Mon, 28 May 2012 14:12:08 +0000 (UTC)
	(envelope-from stephen@missouri.edu)
Received: from wilberforce.math.missouri.edu (wilberforce.math.missouri.edu
	[128.206.184.213])
	by mx1.freebsd.org (Postfix) with ESMTP id 9B40C8FC08
	for <freebsd-ports@freebsd.org>; Mon, 28 May 2012 14:12:08 +0000 (UTC)
Received: from [127.0.0.1] (wilberforce.math.missouri.edu [128.206.184.213])
	by wilberforce.math.missouri.edu (8.14.5/8.14.5) with ESMTP id
	q4SEBr0K035585; Mon, 28 May 2012 09:11:53 -0500 (CDT)
	(envelope-from stephen@missouri.edu)
Message-ID: <4FC387A9.5070700@missouri.edu>
Date: Mon, 28 May 2012 09:11:53 -0500
From: Stephen Montgomery-Smith <stephen@missouri.edu>
User-Agent: Mozilla/5.0 (X11; Linux i686;
	rv:12.0) Gecko/20120430 Thunderbird/12.0.1
MIME-Version: 1.0
To: Eitan Adler <lists@eitanadler.com>
References: <CACsYpVOz1tnWO5e4S_OOSDGa7Q8OkztJ6HagHy58FY0J5RNCqQ@mail.gmail.com>
	<20120526090137.001691dc@scorpio>
	<ac8cb42c8cfedc59d2c7d6ccde74c476@anthesphoria.net>
	<4FC0F8EA.1090005@missouri.edu>
	<b532d4fdda7e4dfb99d4b4266fe7fe3c@anthesphoria.net>
	<4FC11B66.9000302@missouri.edu>
	<4b8eeb05337b220f301268ce014a159d@anthesphoria.net>
	<4FC2D159.4050801@missouri.edu>
	<CAF6rxg==b8BMsAoRaQY39StgxAQu7xCN2yt_K8mYH753nZm_7w@mail.gmail.com>
In-Reply-To: <CAF6rxg==b8BMsAoRaQY39StgxAQu7xCN2yt_K8mYH753nZm_7w@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: sam.lin4ml@gmail.com, =?UTF-8?B?cmU=?= <romain@blogreen.org>,
	=?UTF-8?B?VGFydGnDqA==?=, freebsd-ports@freebsd.org,
	=?UTF-8?B?Tmlrb2xhIEw=?=,
	=?UTF-8?B?ZcSNacSH?= <nikola.lecic@anthesphoria.net>
Subject: Re: Request to review: print/texlive-install
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 May 2012 14:12:08 -0000

On 05/27/2012 09:19 PM, Eitan Adler wrote:
> On 27 May 2012 18:14, Stephen Montgomery-Smith<stephen@missouri.edu>  wrote:
>> There are a number of issues.  In particular there is no checksum calculated
>> for install-tl-unx.tar.gz because I suspect that it changes very often.
>
> This is a security risk and must not be committed as is.

How about if I add lines like this:

.if !defined(IGNORE_SECURITY_RISK)
IGNORE=         has a security risk because it downloads a file \
without a checksum.  Define IGNORE_SECURITY_RISK to build this port
.endif

Would it be considered OK to commit it then?