tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]


On Thu, May 22, 2008 at 08:34:03AM -0500, Jeremy C. Reed wrote:
> > definining "ALLOW_VULNERABLE_PACKAGES" currently disables checking for
> > vulnerable packages completely.
> > 
> > I wonder whether it should just disable the error but not the message.
> Yes, that seems fine. Maybe add CHECK_VULNERABLE_PACKAGES that defaults to 
> yes.

Yes, that's probably a good idea.

The reason I'm asking is a friend system where "ALLOW_VULNERABLE_PACKAGES"
is set to "YES" in "/etc/mk.conf" (eventually for historic reasons
related to PHP). I would really prefer if he gets at least a message
when he installs a vulnerable package.

        Kind regards

Matthias Scheler                        

Home | Main Index | Thread Index | Old Index