Mark FORBIDDEN. This port installs set-user-id executables which

call system() without sanitizing the environment. It is trivially exploitable for root privileges. Reported by: Niels Heinen <zillion@safemode.org>
author: nectar <nectar@FreeBSD.org> 2003-03-25 21:01:48 +0800
committer: nectar <nectar@FreeBSD.org> 2003-03-25 21:01:48 +0800
commit: 5de3e033859182eedd7ca138dd7b117f60232897 (patch)
tree: 7c3f8c975797407dbbe522006ee2bafa7f0e7e95 /chinese
parent: a5e2db3035b49fdafe71b5e698bc72ffc308cc99 (diff)
download: freebsd-ports-gnome-5de3e033859182eedd7ca138dd7b117f60232897.tar.gz
freebsd-ports-gnome-5de3e033859182eedd7ca138dd7b117f60232897.tar.zst
freebsd-ports-gnome-5de3e033859182eedd7ca138dd7b117f60232897.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/chinese/chitex/Makefile b/chinese/chitex/Makefile
index 7af2603f142d..d8c0999ee9a1 100644
--- a/chinese/chitex/Makefile
+++ b/chinese/chitex/Makefile
@@ -27,6 +27,7 @@ DIST_SUBDIR=	chitex
 WRKSRC=		${WRKDIR}/chitex612
 NO_BUILD=	YES
 NO_CDROM=	'Do not sell for profit.'
+FORBIDDEN=	'Installs setuid root binaries that use system() unsafely'
 
 MAN1=		awka.1
author	nectar <nectar@FreeBSD.org>	2003-03-25 21:01:48 +0800
committer	nectar <nectar@FreeBSD.org>	2003-03-25 21:01:48 +0800
commit	5de3e033859182eedd7ca138dd7b117f60232897 (patch)
tree	7c3f8c975797407dbbe522006ee2bafa7f0e7e95 /chinese
parent	a5e2db3035b49fdafe71b5e698bc72ffc308cc99 (diff)
download	freebsd-ports-gnome-5de3e033859182eedd7ca138dd7b117f60232897.tar.gz freebsd-ports-gnome-5de3e033859182eedd7ca138dd7b117f60232897.tar.zst freebsd-ports-gnome-5de3e033859182eedd7ca138dd7b117f60232897.zip