Add an confirmation screen describing the known security holes in

imap.
svn path=/head/; revision=27868
2024-12-26 05:02:18 +00:00 · 2000-04-21 22:11:47 +00:00 · 2000-04-21 22:11:47 +00:00 · 44de293c27 · 2021-03-31 03:12:20 +00:00
commit 44de293c27
parent ed14606656
2 changed files with 25 additions and 0 deletions
--- a/mail/imap-uw/Makefile
+++ b/mail/imap-uw/Makefile
@ -41,6 +41,11 @@ PLIST_SUB=	SHLIBNAME=${SHLIBNAME} SHLIBBASE=${SHLIBBASE}
 SHLIBNAME=	lib${SHLIBBASE}.so.${SHLIBMAJ}.0
 .endif

+pre-extract:
+.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
+	@${SH} ${PKGDIR}/INSTALL foo PRE-INSTALL || ${FALSE}
+.endif
+
 post-configure:
 	@${ECHO_MSG} ">> The c-client shared library will be named ${SHLIBNAME}"
 .if ${PAMAUTH} != "no"
--- a/mail/imap-uw/pkg-install
+++ b/mail/imap-uw/pkg-install
@ -0,0 +1,20 @@
+#!/bin/sh
+TTY=/dev/tty
+
+case $2 in
+    POST-INSTALL)
+	;;
+    PRE-INSTALL)
+	if dialog --yesno "This port is not safe to use on a system which does not\nprovide shell access to users who can retrieve mail via IMAP.\nimapd contains buffer overflows which a user can exploit\nafter they have logged into imap to get access to their\naccount on the machine. If your imap users have shell access\nanyway, this is not a significant vulnerability.\n\nDo you wish to proceed with the build?" 13 65 < ${TTY} >${TTY} 2>&1; then
+	    exit 0
+	else
+	    exit 1
+	fi
+	;;
+    *)
+	echo "Unexpected argument $2!"
+	exit 1
+	;;
+esac
+exit 0
+