| 1 |
On Thu, 24 Aug 2017 03:06:13 +0000 (UTC) |
| 2 |
Duncan <1i5t5.duncan@×××.net> wrote: |
| 3 |
|
| 4 |
> nrpe-command-args-SECURITY-HOLE |
| 5 |
> or just |
| 6 |
> nrpe-GAPING-SECURITY-HOLE |
| 7 |
|
| 8 |
That's probably excessive, if you set that USE flag globally, you |
| 9 |
deserve what you get. |
| 10 |
|
| 11 |
And if you are responsible and you know what you're getting, then you |
| 12 |
should be allowed to do that ( even though I struggle to understand why |
| 13 |
) |
| 14 |
|
| 15 |
For everything else there are etc/portage/package.use |
| 16 |
|
| 17 |
Or maybe it could be a required-use: |
| 18 |
|
| 19 |
REQUIRED_USE="nrpe? ( GAPING_SECURITY_HOLE )" |
| 20 |
|
| 21 |
Alternatively, you could have a pkg_pretend like: |
| 22 |
|
| 23 |
pkg_pretend() { |
| 24 |
if [[use nrpe && ! has "${CATEGORY}/${PN}" "${GAPING_SECURITY_HOLE}" ]]; then |
| 25 |
einfo "nrpe feature introduces a security risk where in blah blah" |
| 26 |
einfo " blah, please read https://wiki.gentoo.org/etc/etc for" |
| 27 |
einfo " details and how to enable this" |
| 28 |
die "Security Hole Not Permitted" |
| 29 |
fi |
| 30 |
} |
| 31 |
|
| 32 |
But I say that only because current REQUIRED_USE feature makes it nigh |
| 33 |
impossible to understand from a human perspective what that assertion |
| 34 |
means. |
Archives