aboutsummaryrefslogtreecommitdiff
path: root/Tools
diff options
context:
space:
mode:
authorGabor Kovesdan <gabor@FreeBSD.org>2007-08-04 11:37:24 +0000
committerGabor Kovesdan <gabor@FreeBSD.org>2007-08-04 11:37:24 +0000
commit4c9cd257fd4e6eca46807a43e128d298429ee3cd (patch)
treeb6dad92780476834e2a43796a5d329f00474a4dd /Tools
parent04d8dc46d4afe253e7ac755b746bdf806be86f24 (diff)
downloadports-4c9cd257fd4e6eca46807a43e128d298429ee3cd.tar.gz
ports-4c9cd257fd4e6eca46807a43e128d298429ee3cd.zip
- Extract command variable definitions from bsd.port.mk, they are now stored in
bsd.commands.mk and can be easily reused within the infrastructure. - Revert old DESTDIR implementation. - Add a new, fully chrooted DESTDIR implementation as bsd.destdir.mk. Sponsored by: Google Summer of Code 2007 Approved by: portmgr (pav)
Notes
Notes: svn path=/head/; revision=197074
Diffstat (limited to 'Tools')
-rw-r--r--Tools/scripts/security-check.awk50
1 files changed, 10 insertions, 40 deletions
diff --git a/Tools/scripts/security-check.awk b/Tools/scripts/security-check.awk
index 7d6ff1b8b735..48746cdb6384 100644
--- a/Tools/scripts/security-check.awk
+++ b/Tools/scripts/security-check.awk
@@ -34,18 +34,10 @@ FILENAME ~ /\.writable$/ { writable_files[$0] = 1; }
function print_header() {
if (header_printed)
return;
- if (audit != "") {
- if (destdir == "")
- print "===> SECURITY REPORT (PARANOID MODE): ";
- else
- print "===> SECURITY REPORT FOR", destdir, "(PARANOID MODE): ";
- }
- else {
- if (destdir == "")
- print "===> SECURITY REPORT: ";
- else
- print "===> SECURITY REPORT FOR", destdir, ": ";
- }
+ if (audit != "")
+ print "===> SECURITY REPORT (PARANOID MODE): ";
+ else
+ print "===> SECURITY REPORT: ";
header_printed = 1;
}
function note_for_the_stupid(file) { return (file in stupid_binaries) ? (" (USES POSSIBLY INSECURE FUNCTIONS:" stupid_binaries[file] ")") : ""; }
@@ -54,14 +46,8 @@ END {
for (file in setuid_binaries) {
if (!note_printed) {
print_header();
- if (destdir == "") {
- print " This port has installed the following binaries, which execute with";
- print " increased privileges.";
- }
- else {
- print " This port has installed the following binaries into", destdir, ", which";
- print " execute with increased privileges.";
- }
+ print " This port has installed the following binaries which execute with";
+ print " increased privileges.";
note_printed = 1;
}
print file note_for_the_stupid(file);
@@ -72,15 +58,8 @@ END {
for (file in network_binaries) {
if (!note_printed) {
print_header();
- if (destdir == "") {
- print " This port has installed the following files, which may act as network";
- print " servers and may therefore pose a remote security risk to the system.";
- }
- else {
- print " This port has installed the following files into", destdir, ", which may";
- print " act as network servers and may therefore pose a remote security risk to";
- print " the system.";
- }
+ print " This port has installed the following files which may act as network";
+ print " servers and may therefore pose a remote security risk to the system.";
note_printed = 1;
}
print file note_for_the_stupid(file);
@@ -91,14 +70,8 @@ END {
for (file in startup_scripts) {
if (!note_printed) {
print_header();
- if (destdir == "") {
- print " This port has installed the following startup scripts, which may cause";
+ print " This port has installed the following startup scripts which may cause";
print " these network services to be started at boot time.";
- }
- else {
- print " This port has installed the following startup scripts into", destdir, ", which";
- print " may cause these network services to be started at boot time.";
- }
note_printed = 1;
}
print file;
@@ -110,10 +83,7 @@ END {
for (file in writable_files) {
if (!note_printed) {
print_header();
- if (destdir == "")
- print " This port has installed the following world-writable files/directories.";
- else
- print " This port has installed the following world-writable files/directories into", destdir, ".";
+ print " This port has installed the following world-writable files/directories.";
note_printed = 1;
}
print file;