Matt Emmerton wrote:

Hello List,

Portuadit telles my about the "open_basedir Race Condition
Vulnerability", OK.

By reading the advisory on I can safely say
this does not apply to our environment, we don't use open_basedir or
safe_mode and Suhosin is planned anyway (after test).
So what to do now?

You've established that the security issue doesn't apply to your

1) Add "DISABLE_VULNERABILITIES=yes" to /etc/make.conf
2) Run "portupgrade -u" or "make install clean"

By doing this you have disabled vulnerability checking for *all* ports which seems a little extreme. Either add the flag to pkgtools.conf (for portupgrade (and portmanager?)) or use it from the command line with make.


_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to