Date: Sat, 11 Aug 2001 00:20:02 -0700 (PDT) From: John Merryweather Cooper <jmcoopr@webmail.bmi.net> To: freebsd-ports@FreeBSD.org Subject: Re: ports/29112: Potential security issues in Balsa & Encompass Message-ID: <200108110720.f7B7K2D23135@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/29112; it has been noted by GNATS. From: John Merryweather Cooper <jmcoopr@webmail.bmi.net> To: freebsd-gnats-submit@FreeBSD.org, quik@quikbox.ca Cc: Subject: Re: ports/29112: Potential security issues in Balsa & Encompass Date: Sat, 11 Aug 2001 00:16:04 -0700 tmpnam() comes from Xlib The other symbols appear to come Balsa's linkage with libc itself. Curiously, none of these symbols are used/called by Balsa or it's support libraries. About the best that can be said is that the linkage warnings are set at a (perhaps appropriate) low threshold. The setkey(), des_setkey(), and des_cipher() warnings can be made to go away for this (and other) ports by linking with libcipher. Perhaps the ports widgets can be modified to add libcipher to the library chain with libc in appropriate circumstances. However, no additional functionality results from this. Short of expunging the remaining symbols from libc (far from likely--they're all standard calls), there's nothing more to do. jmc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108110720.f7B7K2D23135>