Re: installing vulnerable pkgs

["ratio" <ratio%insight.rr.com@localhost>]

For the record, the original thread starts at 
http://mail-index.netbsd.org/tech-pkg/2006/02/13/0005.html, and a workaround 
can be found at http://mail-index.netbsd.org/tech-pkg/2006/02/13/0014.html. 
Thanks, Roland and Lubomir!

--



----- Original Message ----- 
From: "Lubomir Sedlacik" <salo%Xtrmntr.org@localhost>
To: "ratio" <ratio%insight.rr.com@localhost>
Cc: <pkgsrc-users%netbsd.org@localhost>
Sent: Wednesday, July 26, 2006 10:16 AM
Subject: Re: installing vulnerable pkgs

On Tue, Jul 25, 2006 at 06:39:07PM -0400, ratio wrote:
> Is there an easy way to allow the installation of just one package
> (possibly allowing dependencies) without removing the checks for all
> packages?

no.

> Something finer-grained than ALLOW_VULNERABLE_PACKAGES but not as fine
> as ALLOW_VULNERABILITIES.foo? I'm not as interested in what the
> vulnerability is as whether or not I'm aware that one exists and that
> I'm really sure I want to install it regardless.
>
> Also, how does one get a version 1.0.1 formatted pkg-vulnerabilities
> file?  I haven't even been able to get ALLOW_VULNERABILITIES.foo to
> work since I don't have vulnerability IDs in my pkg-vulnerabilities
> file--download-vulnerability-list(8) gets me a version 1.0.0 formatted
> file. NetBSD-3.0, i386, pkgsrc updated to 2006Q2 via cvs a few days
> ago.

the functionality was removed few months ago.  search the archives and
cvs logs for details.


regards,

--
-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --