On Sun, Dec 31, 2006 at 11:07:29AM +0000, Yar Tikhiy wrote: > yar 2006-12-31 11:07:29 UTC > > FreeBSD src repository > > Modified files: > etc rc.subr > Log: > Allow for /usr/bin/env when parsing the shebang line from an > interpreted $command. Some "portable" sofware packages use such a > line to skip the task of figuring out the absolute pathname of the > interpreter at install time, e.g.: > > #!/usr/bin/env python > > It is insecure, but a popular book on Python seems to have advised > it to a wide audience. Hence a number of such scripts in the ports, > mostly written in Python.
If its insecure, than why allow it? If the ports need a patch to make it secure, then they should be patched. I don't like seeing something from rc.subr with a comment about it being less secure.... (sorry if this message is a duplicate... been messing with my postfix settings, and it looked like the first one never made it out) -- Mike Pritchard [EMAIL PROTECTED] or [EMAIL PROTECTED] "If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy." - James Madison (1787) _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[EMAIL PROTECTED]"
