From 274db9e5c8ff8424c602994bbe63d1fb916bb4cc Mon Sep 17 00:00:00 2001 From: Steve Price Date: Wed, 30 Jun 1999 19:27:31 +0000 Subject: In an attempt to avoid possible security implications with having files owned by nobody:nogroup, install them owned by SQUIG_UID:SQUID_GID instead. Also mark this as NO_PACKAGE since you have to set these values in your environment before installing this port. Submitted by: maintainer Reviewed by: Rodney W. Grimes --- www/squirm/Makefile | 22 +++++++++++++++++++++- www/squirm/files/patch-aa | 10 +++++----- 2 files changed, 26 insertions(+), 6 deletions(-) (limited to 'www') diff --git a/www/squirm/Makefile b/www/squirm/Makefile index 887f047d466c..2b8b7f6137b8 100644 --- a/www/squirm/Makefile +++ b/www/squirm/Makefile @@ -3,7 +3,7 @@ # Date created: 24 May 1999 # Whom: Maxim Sobolev # -# $Id$ +# $Id: Makefile,v 1.1.1.1 1999/06/09 01:39:19 steve Exp $ # DISTNAME= squirm-1.0betaB @@ -16,9 +16,29 @@ MAINTAINER= sobomax@altavista.net RUN_DEPENDS= ${PREFIX}/sbin/squid:${PORTSDIR}/www/squid22 +NO_PACKAGE= must set SQUID_UID and SQUID_GID before building + +MAKE_ENV+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID} + post-patch: @${PERL} -pi -e "s.%PREFIX%.${PREFIX}.g" ${WRKSRC}/paths.h +pre-install: +.if defined(SQUID_UID) && defined(SQUID_GID) +.if (${SQUID_UID} == "nobody") || (${SQUID_GID} == "nogroup") + @echo + @echo 'WARNING! You are going to install squirm files with either nobody owner or' + @echo 'nogroup group, which may be insecure.' + @echo +.endif +.else + @echo + @echo 'You should set SQUID_UID and SQUID_GID variables to your squid effective' + @echo 'user/group. For example: SQUID_UID=squid SQUID_GID=squid.' + @echo + @false +.endif + post-install: @echo @echo ' +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++' diff --git a/www/squirm/files/patch-aa b/www/squirm/files/patch-aa index b60e6b909869..1ef709ce8e9a 100644 --- a/www/squirm/files/patch-aa +++ b/www/squirm/files/patch-aa @@ -1,5 +1,5 @@ ---- Makefile.real.orig Wed Mar 11 02:23:51 1998 -+++ Makefile.real Thu Jun 17 18:13:00 1999 +--- Makefile.real.orig Wed Mar 11 10:23:51 1998 ++++ Makefile.real Tue Jun 29 15:21:37 1999 @@ -1,31 +1,31 @@ # Makefile for Squirm # @@ -36,9 +36,9 @@ - /usr/local/squirm/etc - install -m 755 -o root -g root --strip squirm /usr/local/squirm/bin + install -c -m 755 -o root -g wheel -d $(PREFIX)/squirm -+ install -c -m 770 -o root -g wheel -d $(PREFIX)/etc/squirm -+ install -c -m 750 -o nobody -g nogroup -d $(PREFIX)/squirm/logs -+ install -c -m 660 -o root -g nogroup squirm.local.dist squirm.patterns.dist \ ++ install -c -m 750 -o root -g $(SQUID_GID) -d $(PREFIX)/etc/squirm ++ install -c -m 750 -o $(SQUID_UID) -g $(SQUID_GID) -d $(PREFIX)/squirm/logs ++ install -c -m 640 -o root -g $(SQUID_GID) squirm.local.dist squirm.patterns.dist \ + $(PREFIX)/etc/squirm + install -c -m 755 -o root -g wheel --strip squirm $(PREFIX)/bin -- cgit v1.2.3