diff options
| author | Jacques Vidrine <nectar@FreeBSD.org> | 2003-03-25 13:01:48 +0000 |
|---|---|---|
| committer | Jacques Vidrine <nectar@FreeBSD.org> | 2003-03-25 13:01:48 +0000 |
| commit | 33e059c87ec6c39e86e6adecdd5ed6dd3f5a8c50 (patch) | |
| tree | 47a713b55017f4d8d3655e8ca28950212fa83efa /chinese | |
| parent | Add libbf 0.8.2b, the Blowfish block cipher Library. (diff) | |
Mark FORBIDDEN. This port installs set-user-id executables which
call system() without sanitizing the environment. It is trivially
exploitable for root privileges.
Reported by: Niels Heinen <zillion@safemode.org>
Notes
Notes:
svn path=/head/; revision=77450
Diffstat (limited to 'chinese')
| -rw-r--r-- | chinese/chitex/Makefile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/chinese/chitex/Makefile b/chinese/chitex/Makefile index 7af2603f142d..d8c0999ee9a1 100644 --- a/chinese/chitex/Makefile +++ b/chinese/chitex/Makefile @@ -27,6 +27,7 @@ DIST_SUBDIR= chitex WRKSRC= ${WRKDIR}/chitex612 NO_BUILD= YES NO_CDROM= 'Do not sell for profit.' +FORBIDDEN= 'Installs setuid root binaries that use system() unsafely' MAN1= awka.1 |