Date:      Fri, 06 Oct 2006 10:26:25 +0100
From:      Alex Zbyslaw <xfb52@dial.pipex.com>
To:        Matt Emmerton <matt@gsicomp.on.ca>, Alain Wolf <wolf@k18.ch>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: port php5 - what I am supposed to do here?
Message-ID:  <45262141.1080907@dial.pipex.com>
In-Reply-To: <00aa01c6e8fa$fe19ce90$1200a8c0@gsicomp.on.ca>
References:  <eg4hu4$40i$1@sea.gmane.org> <00aa01c6e8fa$fe19ce90$1200a8c0@gsicomp.on.ca>

Matt Emmerton wrote:

>>Hello List,
>>
>>Portaudit tells me about the "open_basedir Race Condition
>>Vulnerability", OK.
>>
>>By reading the advisory on
>>http://www.hardened-php.net/advisory_082006.132.html I can safely say
>>this does not apply to our environment, we don't use open_basedir or
>>safe_mode and Suhosin is planned anyway (after test).
>>
>>[...]
>>So what to do now?
>
>You've established that the security issue doesn't apply to your
>environment.
>
>1) Add "DISABLE_VULNERABILITIES=yes" to /etc/make.conf
>2) Run "portupgrade -u" or "make install clean"
>
By doing this you have disabled vulnerability checking for *all* ports,
which seems a little extreme.  Either add the flag to pkgtools.conf (for
portupgrade (and portmanager?)) or use it from the command line with make.

--Alex
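
A check for the situation described in the reply above, as an added example that is not part of the original thread: it reports make.conf lines that define DISABLE_VULNERABILITIES outside any `.if`/`.endif` block, which switches the check off for every port. The function name, the `.if ${.CURDIR:M*/lang/php5}` scoping idiom and the port path `lang/php5` are assumptions, and both sample files are constructed.

```shell
#!/bin/sh
# Added example: flag a make.conf that disables the ports vulnerability
# check globally instead of for a single port.

find_global_disable() {
    # $1: path to a make.conf-style file.
    # Prints "LINE: text" for each DISABLE_VULNERABILITIES assignment that
    # sits outside every .if/.ifdef/.ifndef block (nesting depth 0).
    awk '
        { sub(/#.*/, "") }                       # ignore comments
        /^\.[ \t]*if/    { depth++; next }       # .if, .ifdef, .ifndef
        /^\.[ \t]*endif/ { if (depth > 0) depth--; next }
        /^[ \t]*DISABLE_VULNERABILITIES[ \t]*[?+:!]?=/ && depth == 0 {
            print NR ": " $0
        }
    ' "$1"
}

# Constructed sample 1: the global setting suggested in the quoted reply.
sample_global='DISABLE_VULNERABILITIES=yes'

# Constructed sample 2: the same flag limited to one port directory
# (assumed idiom and assumed port path lang/php5).
sample_scoped='.if ${.CURDIR:M*/lang/php5}
DISABLE_VULNERABILITIES=yes
.endif'

# Demo: write both samples to a scratch directory and scan them.
demo_dir=$(mktemp -d)
printf '%s\n' "$sample_global" > "$demo_dir/global.conf"
printf '%s\n' "$sample_scoped" > "$demo_dir/scoped.conf"
for f in global.conf scoped.conf; do
    hits=$(find_global_disable "$demo_dir/$f")
    if [ -n "$hits" ]; then
        echo "$f: check disabled for ALL ports -> $hits"
    else
        echo "$f: no global DISABLE_VULNERABILITIES"
    fi
done
rm -rf "$demo_dir"
```

The one-off alternative mentioned in the reply is to pass the flag on the make command line for that single build, which leaves make.conf untouched.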