From 99e9a795f7a6dd9451dd7743c313fe75da45098b Mon Sep 17 00:00:00 2001 From: Masafumi Max NAKANE Date: Tue, 22 Feb 2000 07:55:45 +0000 Subject: [PATCH] Upgrade to 5.9.13. Show security warning at pre-fetch and the end of do-install. Now user must explicitly say that she wants to build this program, using ``make FORCE_BUILD=YES'' due to the security problems. --- net/delegate/Makefile | 37 ++++++++++++++++++++++++++++--------- net/delegate/distinfo | 2 +- net/delegate/pkg-message | 13 +++++++++++-- 3 files changed, 40 insertions(+), 12 deletions(-) diff --git a/net/delegate/Makefile b/net/delegate/Makefile index fe6e74513897..ee996ccade54 100644 --- a/net/delegate/Makefile +++ b/net/delegate/Makefile @@ -1,25 +1,44 @@ # New ports collection makefile for: DeleGate -# Version required: 5.9.12 +# Version required: 5.9.13 # Date created: 26 Jan 1997 # Whom: Masafumi NAKANE # # $FreeBSD$ # -DISTNAME= delegate5.9.12 -PKGNAME= delegate-5.9.12 +DISTNAME= delegate5.9.13 +PKGNAME= delegate-5.9.13 CATEGORIES= net www japanese MASTER_SITES= ftp://etlport.etl.go.jp/pub/DeleGate/ MAINTAINER= max@FreeBSD.org - -#FORBIDDEN= "Remote buffer overflow yielding setuid nobody shell" - +NO_PACKAGE= "Insecure program." MAKE_ENV= PATH=$${PATH}:. +IS_INTERACTIVE= YES -.if defined(BATCH) -pre-build: - @${ECHO} "MANAGER=root@localhost" >> ${WRKSRC}/DELEGATE_CONF +pre-fetch: +.if !defined(FORCE_BUILD) || ${FORCE_BUILD}!="YES" + @${ECHO} "*********************************************************************" + @${ECHO} "* WARNING! WARNING! WARNING! WARNING! WARNING! *" + @${ECHO} "* This program has know security problems which may allow a remote *" + @${ECHO} "* attacker to take control of your machine. *" + @${ECHO} "* See FreeBSD security advisory 00:04 for more information. *" + @${ECHO} "* *" + @${ECHO} "* It is strongly recommended that you avoid using this program. *" + @${ECHO} "* *" + @${ECHO} "* If you would like to use this program despite the danger, run *" + @${ECHO} "* make with ``FORCE_BUILD=YES'' *" + @${ECHO} "* WARNING! WARNING! WARNING! WARNING! WARNING! *" + @${ECHO} "*********************************************************************" + @${FALSE} +.else + @${ECHO} "*********************************************************************" + @${ECHO} "* WARNING! WARNING! WARNING! WARNING! WARNING! *" + @${ECHO} "* You have chosen to build an insecure program. *" + @${ECHO} "* This program has know security problems which may allow a remote *" + @${ECHO} "* attacker to take control of your machine. *" + @${ECHO} "* See FreeBSD security advisory 00:04 for more information. *" + @${ECHO} "*********************************************************************" .endif do-install: diff --git a/net/delegate/distinfo b/net/delegate/distinfo index faae071e251f..fef9a13b6474 100644 --- a/net/delegate/distinfo +++ b/net/delegate/distinfo @@ -1 +1 @@ -MD5 (delegate5.9.12.tar.gz) = 0ce66d63482595b6f0b22c19c66fd65f +MD5 (delegate5.9.13.tar.gz) = febd995ffa9444844dcc7a76a8ec0dde diff --git a/net/delegate/pkg-message b/net/delegate/pkg-message index 99d68eb79bbd..c4de2c7f287a 100644 --- a/net/delegate/pkg-message +++ b/net/delegate/pkg-message @@ -1,4 +1,13 @@ -********************************************************************** +********************************************************************* +* WARNING! WARNING! WARNING! WARNING! WARNING! * +* You have installed an insecure program. * +* This program has know security problems which may allow a remote * +* attacker to take control of your machine. * +* Use with great caution! * +* See FreeBSD security advisory 00:04 for more information. * +********************************************************************* + +---------------------------------------------------------------------- Now, edit the sample script in /usr/local/share/examples/delegate directory and copy it into /usr/local/etc/rc.d. Especially, don't forget to specify correct value for the MANAGER. @@ -8,4 +17,4 @@ delegated with no argument. Consult /usr/local/share/doc/delegate/Manual.txt for configuration information. -********************************************************************** +----------------------------------------------------------------------