On 05/28/2012 01:38 PM, Eitan Adler wrote:
On 28 May 2012 10:14, Stephen Montgomery-Smith<step...@missouri.edu> wrote:
After my recent conversations about creating a print/texlive-install port, I
realize that my math/sage port might have a security risk. This only
happens if the user selects additional optional packages. But the optional
packages are downloaded post-fetch.
I'll make some immediate band-aid changes to the port to switch this off,
but I'll think through the issue in the days to come.
adding ports-security to cc so we could track the issue
I just committed instructions to the port math/sage telling users how to
add the optional packages manually, and explaining the security risk.
Please contact me if this is still a problem.
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"