From owner-freebsd-ports@FreeBSD.ORG  Thu Jan 21 02:48:03 2010
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8A98B106566B
	for <ports@freebsd.org>; Thu, 21 Jan 2010 02:48:03 +0000 (UTC)
	(envelope-from jhs@berklix.com)
Received: from tower.berklix.org (tower.berklix.org [83.236.223.114])
	by mx1.freebsd.org (Postfix) with ESMTP id 159978FC17
	for <ports@freebsd.org>; Thu, 21 Jan 2010 02:48:02 +0000 (UTC)
Received: from park.js.berklix.net (p549A68F8.dip.t-dialin.net
	[84.154.104.248]) (authenticated bits=0)
	by tower.berklix.org (8.14.2/8.14.2) with ESMTP id o0L2m0vD047412
	for <ports@freebsd.org>; Thu, 21 Jan 2010 02:48:01 GMT
	(envelope-from jhs@berklix.com)
Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41])
	by park.js.berklix.net (8.13.8/8.13.8) with ESMTP id o0L2ltN5043877
	for <ports@freebsd.org>; Thu, 21 Jan 2010 03:47:55 +0100 (CET)
	(envelope-from jhs@berklix.com)
Received: from fire.js.berklix.net (localhost [127.0.0.1])
	by fire.js.berklix.net (8.14.3/8.14.3) with ESMTP id o0L2lno8035853
	for <ports@freebsd.org>; Thu, 21 Jan 2010 03:47:55 +0100 (CET)
	(envelope-from jhs@fire.js.berklix.net)
Message-Id: <201001210247.o0L2lno8035853@fire.js.berklix.net>
To: ports@freebsd.org
From: "Julian H. Stacey" <jhs@berklix.com>
Organization: http://www.berklix.com BSD Linux Unix Consultancy, Munich Germany
User-agent: EXMH on FreeBSD http://www.berklix.com/free/
X-URL: http://www.berklix.com/~jhs/cv/
Date: Thu, 21 Jan 2010 03:47:49 +0100
Sender: jhs@berklix.com
Cc: 
Subject: Suggestion: A new variable for a few Makefiles: IS_BINARY
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jan 2010 02:48:03 -0000

Hi ports@ people,
Suggestion: A new variable for a few ports Makefiles, eg 
/usr/ports/www/opera/Makefile
	BINARY="To install binaries lacking sources, use RISK_BINARIES=YES"
to over-ride it one would use eg
	cd /usr/ports ; make RISK_BINARIES=YES install

It could work similarly to
	IS_INTERACTIVE=YES
in Makefiles that 
	make BATCH=YES
detects (to avoid unattended builds hanging on input).

ports/Mk. has NO_BUILD, thats not the same thingm 
but good for a first quick hints where to add BINARY= in a few Makefile.

One can see untrusted binaries with
	make extract ; find . -type f | sort | xargs file
Look for eg:
	ELF 64-bit LSB shared object, ...

It's too easy to install BLOBs without realising, eg if one has a
hierarchy of ports/*/Makefile.local.  The only warning at present
is a few ports eg opera make too fast.  Some may not don't mind
installing binaries from elsewhere, but FreeSBD could protect more,
not just allow MickeySoft style blind installs of unsourced binaries.

Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Mail plain text not quoted-printable, HTML or Base64 http://www.asciiribbon.org