Date: Mon, 28 May 2012 11:38:43 -0700 From: Eitan Adler <lists@eitanadler.com> To: Stephen Montgomery-Smith <stephen@missouri.edu> Cc: ports-security@freebsd.org, freebsd-ports@freebsd.org Subject: Re: math/sage security risk Message-ID: <CAF6rxgk=hfTm6isiJXaBxARhtxUxXKy9zf9nHw3VhPz6os4z9g@mail.gmail.com> In-Reply-To: <4FC3B293.6090701@missouri.edu> References: <4FC3B293.6090701@missouri.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 28 May 2012 10:14, Stephen Montgomery-Smith <stephen@missouri.edu> wrote= : > After my recent conversations about creating a print/texlive-install port= , I > realize that my math/sage port might have a security risk. =C2=A0This onl= y > happens if the user selects additional optional packages. =C2=A0But the o= ptional > packages are downloaded post-fetch. > > I'll make some immediate band-aid changes to the port to switch this off, > but I'll think through the issue in the days to come. adding ports-security to cc so we could track the issue --=20 Eitan Adler
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAF6rxgk=hfTm6isiJXaBxARhtxUxXKy9zf9nHw3VhPz6os4z9g>