===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/Attic/porting.html,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- www/Attic/porting.html 1999/02/08 13:59:20 1.18
+++ www/Attic/porting.html 1999/02/27 16:37:29 1.19
@@ -99,12 +99,12 @@
conditions where you don't have proper control. For instance, an attacker
who already has user privileges on your machines may replace files in
/tmp
with symbolic links to more strategic files, such as
- /etc/passwd
.
+ /etc/master.passwd
.
fopen
and freopen
create a new file or open an existing file for
writing. An attacker may create a symbolic link from
- /etc/passwd
to /tmp/addrpool_dump
. The
+ /etc/master.passwd
to /tmp/addrpool_dump
. The
instant you open it, your password file is hosed. Yes, even with
an unlink
right before. You only narrow the window
of opportunity. Use open
with
@@ -297,8 +297,11 @@
path. Specifically, they set /usr/bin
and
/bin
to be searched before
/usr/local/bin
and /usr/X11R6/bin
.
- ${MACHINE_ARCH} ==
- alpha
+ ${NO_SHARED_LIBS}
is defined.
+ bsd.port.mk
don't forget to add a line
+ NEED_VERSION = x.yy
in the Makefile.
curses.h/libcurses/libtermlib
are the
``new curses''. Change:ncurses.h ==> curses.h