# Installing a vulnerable port on FreeBSD 10



## t0ken (Jul 21, 2014)

On FreeBSD 10, I can't seem to use the same method I've always used when trying to install a vulnerable port.  Has anything changed with this version?  I'm trying to install linux-flashplugin, however am (expectedly) running into some vulnerable ports that (unexpectedly) refuse to install no matter what I do.


```
root@dlaptop:/usr/ports/security/linux-f10-openssl # make -DDISABLE_VULNERABILITIES
===>  linux-f10-openssl-0.9.8g is forbidden: http://www.freshports.org/vuxml.php?vid=2ecb7b20-d97e-11e0-b2e2-00215c6a37bb|82b55df8-4d5a-11de-8811-0030843d3802.
*** Error code 1

Stop.
make: stopped in /usr/ports/security/linux-f10-openssl
```
---

```
root@dlaptop:/usr/ports/security/linux-f10-openssl # make -DDISABLE_VULNERABILITIES install clean
===>  linux-f10-openssl-0.9.8g is forbidden: http://www.freshports.org/vuxml.php?vid=2ecb7b20-d97e-11e0-b2e2-00215c6a37bb|82b55df8-4d5a-11de-8811-0030843d3802.
*** Error code 1

Stop.
make: stopped in /usr/ports/security/linux-f10-openssl
```
---

```
root@dlaptop:/usr/ports/security/linux-f10-openssl # portinstall -m DISABLE_VULNERABILITIES=yes security/linux-f10-openssl
[Reading data from pkg(8) ... - 793 packages found - done]
[Gathering depends for security/linux-f10-openssl . done]
** Port marked as IGNORE: security/linux-f10-openssl:
        is forbidden: http://www.freshports.org/vuxml.php?vid=2ecb7b20-d97e-11e0-b2e2-00215c6a37bb|82b55df8-4d5a-11de-8811-0030843d3802
** Listing the failed packages (-:ignored / *:skipped / !:failed)
        - security/linux-f10-openssl
```

Any ideas?


----------



## kpa (Jul 21, 2014)

Lot of the Linux ports were recently marked as forbidden because they have some real and pretty bad security vulnerabilities that haven't been fixed yet and from the looks of it those ports are very much abandoned by their maintainers. The last real update to that port for example was in 2009. Those ports would have be recreated using more up to date source files to get them working again.


----------



## t0ken (Jul 21, 2014)

Hmmm, I've seen some use the CentOS6 ports, but I ran into some issues in my one attempt to do so -- I stopped and decided to ask about the vulnerability vs. working out the likely trivial issue with the c6 ports.

I wonder, is everyone who uses FreeBSD on the desktop just going without flash in that case?  Thanks for your answer kpa.


----------



## t0ken (Jul 22, 2014)

FWIW, I was able to get Flash installed using the linux_base-c6 packages. I followed the instructions here:  https://github.com/xmj/linux-ports/.


----------



## talsamon (Jul 22, 2014)

But does not work on FreeBSD 9.2. (Maybe I overlooked something). But linux-c6-flashplugin11 installs without problems, but does nothing - without error messages.
(It's no problem, I have "reverse" it to linux-f10-fedora, and it works , but I would prefer for logical reasons the centos-c6 packages).


----------



## worldi (Jul 22, 2014)

IIRC you have to specify both DISABLE_VULNERABILITIES and NO_IGNORE:

`% make install DISABLE_VULNERABILITIES=1 NO_IGNORE=1 ..`


----------



## talsamon (Jul 22, 2014)

Oh, forgot NO_IGNORE, maybe this is it, I will try it later again, thanks.


----------



## talsamon (Jul 22, 2014)

But this was a misunderstood. `make install DISABLE_VULNERABILITIES=1 NO_IGNORE=1` has nothing to do with centos-c6. It is for linux-f10 necessary.


----------



## talsamon (Jul 22, 2014)

I got this error, if I try with centos-c6


```
*** NSPlugin Wrapper *** ERROR: failed to initialize plugin-side RPC client connection
/usr/local/lib/nspluginwrapper/i386/linux/npviewer.bin: symbol lookup error: /usr/lib/libX11.so.6: undefined symbol: xcb_take_socket
*** NSPlugin Wrapper *** ERROR: failed to initialize plugin-side RPC client connection
```


```
ls -al /compat/linux/usr/lib/libX11.so.6
lrwxrwxrwx  1 root  wheel  15 28 Apr  2009 /compat/linux/usr/lib/libX11.so.6 -> libX11.so.6.3.0
 ls -al /usr/local/lib/libX11.so.6
lrwxr-xr-x  1 root  wheel  15 22 Jul 17:31 /usr/local/lib/libX11.so.6 -> libX11.so.6.3.0
```


----------

