- Two directories are mode 1777; the user is alerted to
this during "make install".
- High score reporting doesn't work, to avoid having a
world-writable file.
- It is presumably possible for one user to prevent another
from playing by creating bogus savefiles in the mode 1777
directories. Frankly, I'm not going to devote my time to
solving game-play DoS attacks.
Previously, certain files (lib/data) were generated the first time
angband was run. These files are now obtained from my directory on
www.freebsd.org and are installed during "make install".
Several cleanups also, while I'm here.
This port is no longer BROKEN.
* This is small bugfix release over the last major release,
3.10.
* Exim 3.10 contains numerous bugfixes and new features,
described at:
ftp://ftp.exim.org/pub/exim/ChangeLogs/NewStuff-3.10.gz
Note that the new PAM support is _not_ enabled in this port yet.
sprintf() in insecure manner (may subject to buffer overflow, like xmindpath
in magicpoint).
If you really care, I can mark them BROKEN until they are confirmed to be safe.
also an overflow with ospf_monitor which may result in being able to corrupt
routing traffic (which I've reported to the developers)
According to the docs, gdc shouldn't be installed root:wheel and setuid,
but put into its own gdmaint group. This still doesn't prevent people in
that group from gaining root, though.
Submitted by: Brock Tellier <btellier@usa.net> (gdc bug)
Note that this port currently has no MAINTAINER, so will probably stay
broken until it either gets upgraded or fixed by someone who actually uses
it.
Submitted by: Brock Tellier <btellier@usa.net>
Submitted by: Anders Nordby <anders@fix.no>
NASL is a scripting language designed for the Nessus security scanner. Its
aim is to allow anyone to write a test for a given security hole in a few
minutes, to allow people to share their tests without having to worry
about their operating system, and to garantee everyone that a NASL script
can not do anything nasty except performing a given security test against
a given target.
NASL is not a powerful scripting language. Its purpose is to make scripts
that are security tests. So, do not expect to write a third generation web
server in this language, nor a file conversion utility. Use perl, python
or whatever scripting language to do this.
WWW: http://www.nessus.org/doc/nasl.html
Submitted by: maintainer
Update to 0.99.1, and disable nessus for compiling in -current.
Original patch submitted by the maintainer, and some fixes from me.
