diff options
Diffstat (limited to 'mail/imap-uw/pkg-install')
| -rw-r--r-- | mail/imap-uw/pkg-install | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/mail/imap-uw/pkg-install b/mail/imap-uw/pkg-install index e3983e766e5a..c7541a4b1940 100644 --- a/mail/imap-uw/pkg-install +++ b/mail/imap-uw/pkg-install @@ -9,7 +9,7 @@ case $2 in POST-INSTALL) ;; PRE-INSTALL) - if dialog --yesno "This port is not safe to use on a system which does not\nprovide shell access to users who can retrieve mail via IMAP.\nimapd contains buffer overflows which a user can exploit\nafter they have logged into imap to get access to their\naccount on the machine. If your imap users have shell access\nanyway, this is not a significant vulnerability.\n\nThere is also a vulnerability wherein local users can prevent\narbitrary POP2/3 mailboxes from being opened, and force IMAP\nmailboxes to only open read-only.\n\nDo you wish to proceed with the build?" 16 65 < ${TTY} >${TTY} 2>&1; then + if dialog --yesno "This port has been proven exploitable at several occasions (read up\non CERT advisories), leaving systems subject to remote root access.\nBefore installing this package, please consider:\n\na) Whether you really want to use this software. The integrity of\nyour system may be at risk.\n\nb) Using TCP Wrappers to protect your UW imap/pop daemons from being\npublicly available. Adding this to /etc/hosts.allow will make your\nimap and pop3 daemons accessible only from 192.168.0.0/24:\n\nimapd : 192.168.0.0/24 : allow\nimapd : ALL : deny\nipop3d : 192.168.0.0/24 : allow\nipop3d : ALL : deny\n\nFor more information about the hosts.allow file, read\nhosts_access(5). Please test that this setup works as expected.\n\nDo you wish to proceed with the build?" 24 72 < ${TTY} >${TTY} 2>&1; then exit 0 else exit 1 |