Note documented insecurity of majordomo on multi-user machines.
Pointed out by: bugtraq
This commit is contained in:
parent
2e97d535f1
commit
84d08be515
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=29190
@ -24,6 +24,11 @@ INSTALL_TARGET= install install-wrapper
|
||||
MAN1= approve.1 bounce-remind.1 digest.1
|
||||
MAN8= majordomo.8
|
||||
|
||||
pre-fetch:
|
||||
.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
|
||||
/usr/bin/dialog --yesno "Majordomo is unsafe to use on multi-user machines: local users can run arbitrary commands as the majordomo user. Do you wish to accept the security risk and build majordomo anyway?" 8 60 || ${FALSE}
|
||||
.endif
|
||||
|
||||
pre-configure:
|
||||
@ ${SETENV} ${MAKE_ENV} /usr/bin/perl ${SCRIPTDIR}/createuser
|
||||
@ ${CP} ${FILESDIR}/aliases.majordomo ${WRKSRC}
|
||||
|
Loading…
Reference in New Issue
Block a user