summaryrefslogtreecommitdiff
path: root/sysutils/tcx/MESSAGE
diff options
context:
space:
mode:
authoragc <agc@pkgsrc.org>2003-06-23 13:55:24 +0000
committeragc <agc@pkgsrc.org>2003-06-23 13:55:24 +0000
commit1a7e531c093bcf829eed6b8351f031237e219042 (patch)
treeb8d8fc9e40badb79eaca84d16c3a519d37bb7c63 /sysutils/tcx/MESSAGE
parent45a9d184717ee21af30753624fd921597a77b301 (diff)
downloadpkgsrc-1a7e531c093bcf829eed6b8351f031237e219042.tar.gz
Initial import of tcx-19940124 into the NetBSD Packages Collection.
TCX is a system designed for the transparent decompression, execution and recompression of executables under Unix. It allows configuration options such as the type of compression system used (compress(1), gzip(1), your own local system etc), timeouts between recompressions, and emergency directories in case a decompression fails from shortage of disk space. The system is designed with a reasonable amount of robustness in mind, such as in the event of system crashes, or races on trying to uncompress, compress or execute something. This software is quite old (vintage 1993-94), and some things have moved on since then. In particular, untcx is setuid root. I have done a minor security audit, but anyone installing this software is invited to conduct one for themselves. =========================================================================== $NetBSD: MESSAGE,v 1.2 2002/09/12 19:37:07 wiz Exp $ WARNING - this package contains a setuid root executable called untcx, which was written in 1994, and contained calls to getwd(3), sprintf(3), strcpy(3) and strcat(3). I've done a minor audit of the code, and have fixed the above functions with calls to safer alternatives, but you may wish to delete this package from your own systems until you have carried out your own audit. ===========================================================================
Diffstat (limited to 'sysutils/tcx/MESSAGE')
-rw-r--r--sysutils/tcx/MESSAGE11
1 files changed, 11 insertions, 0 deletions
diff --git a/sysutils/tcx/MESSAGE b/sysutils/tcx/MESSAGE
new file mode 100644
index 00000000000..e1efe372a7f
--- /dev/null
+++ b/sysutils/tcx/MESSAGE
@@ -0,0 +1,11 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1.1.1 2003/06/23 13:55:24 agc Exp $
+
+ WARNING - this package contains a setuid root executable called
+ untcx, which was written in 1994, and contained calls to getwd(3),
+ sprintf(3), strcpy(3) and strcat(3). I've done a minor audit of
+ the code, and have fixed the above functions with calls to safer
+ alternatives, but you may wish to delete this package from your
+ own systems until you have carried out your own audit.
+
+===========================================================================