Date: Sun, 25 Oct 1998 19:48:40 -0800 From: Jamie Zawinski <jwz@jwz.org> To: freebsd-ports@FreeBSD.ORG Cc: Dom Mitchell <dom@phmit.demon.co.uk>, jseger@FreeBSD.ORG Subject: Re: ports/8411: update xscreensaver to 3.00 Message-ID: <3633F118.27EDB6FD@jwz.org>
next in thread | raw e-mail | index | archive | help
Dom Mitchell wrote:
>
> This is an update of the xscreensaver port to 3.00, the latest. I've
> taken out the patch which prevents it from using passwords (not sure
> why it was there...). It gets installed root, so it can read the
> password file. Personally, I like this.
Let me get this straight:
* you've disabled *security code* that by your own admission
you do not understand;
* you did so without even bothering to ask the author of that
code why it was there;
* and then you DISTRIBUTED THE RESULT???
Do whatever crazy things you like on your own system, but
DO NOT distribute xscreensaver modified in this way.
You have opened up a gaping security hole.
Please delete your modified version ASAP before someone is
foolish enough to install it somewhere where it can be exploited.
--
Jamie Zawinski
jwz@mozilla.org http://www.mozilla.org/ (work)
jwz@jwz.org http://www.jwz.org/ (play)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3633F118.27EDB6FD>