Date: Tue, 8 Jun 2004 22:29:29 -0400 From: Mikhail Teterin <mi+kde@aldan.algebra.com> To: ports@FreeBSD.org Cc: roam@FreeBSD.org Subject: ports installing "executable" libraries Message-ID: <200406082229.29787@aldan>
next in thread | raw e-mail | index | archive | help
Hello!
Some ports are installing libraries (and, possibly, other kinds of not
really executable files) with the x-bits on. The most recent one, I
noticed is ftp/curl:
-rwxr-xr-x 1 root wheel 205810 Jun 8 10:02 lib/libcurl.so.2
This results in a stern "security report":
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
Should this be considered a port's bug, or can the bsd.port.* take care
of automaticly removing the executable bits off anything, that is not an
executable (as per file(1), or per some other test)?
-mi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200406082229.29787>