Index: Mk/bsd.port.mk
===================================================================
RCS file: /home/ncvs/ports/Mk/bsd.port.mk,v
retrieving revision 1.490
diff -u -r1.490 bsd.port.mk
--- Mk/bsd.port.mk	31 May 2004 18:07:57 -0000	1.490
+++ Mk/bsd.port.mk	8 Jun 2004 14:59:04 -0000
@@ -3334,10 +3334,11 @@
 #   1.  setugid files
 #   2.  accept()/recvfrom() which indicates network listening capability
 #   3.  insecure functions (gets/mktemp/tempnam/[XXX])
-#   4.  startup scripts, in conjunction with 2.
-#   5.  world-writable files/dirs
+#   4.  shared libs linked directly to pthreads libs
+#   5.  startup scripts, in conjunction with 2.
+#   6.  world-writable files/dirs
 #
-	-@${RM} -f ${WRKDIR}/.PLIST.setuid ${WRKDIR}/.PLIST.writable ${WRKDIR}/.PLIST.objdump; \
+	-@${RM} -f ${WRKDIR}/.PLIST.setuid ${WRKDIR}/.PLIST.writable ${WRKDIR}/.PLIST.objdump ${WRKDIR}/.PLIST.ldd; \
 	${AWK} -v prefix='${PREFIX}' ' \
 		match($$0, /^@cwd /) { prefix = substr($$0, RSTART + RLENGTH); next; } \
 		/^@/ { next; } \
@@ -3351,9 +3352,12 @@
 	${TR} '\n' '\0' < ${WRKDIR}/.PLIST.flattened \
 	| ${XARGS} -0 -J % ${FIND} % -prune ! -type l -type f -print0 2> /dev/null \
 	| ${XARGS} -0 -n 1 /usr/bin/objdump -R 2> /dev/null > ${WRKDIR}/.PLIST.objdump; \
+	${GREP} '\.so' < ${WRKDIR}/.PLIST.flattened | ${TR} '\n' '\0' \
+	| ${XARGS} -0 -J % ${FIND} % -prune ! -type l -type f -print0 2> /dev/null \
+	| ${XARGS} -0 -n 1 /usr/bin/ldd -a 2> /dev/null > ${WRKDIR}/.PLIST.ldd; \
 	if \
 		! ${AWK} -v audit="$${PORTS_AUDIT}" -f ${PORTSDIR}/Tools/scripts/security-check.awk \
-		  ${WRKDIR}/.PLIST.flattened ${WRKDIR}/.PLIST.objdump ${WRKDIR}/.PLIST.setuid ${WRKDIR}/.PLIST.writable; \
+		  ${WRKDIR}/.PLIST.flattened ${WRKDIR}/.PLIST.objdump ${WRKDIR}/.PLIST.ldd ${WRKDIR}/.PLIST.setuid ${WRKDIR}/.PLIST.writable; \
 	then \
 		www_site=$$(cd ${.CURDIR} && ${MAKE} ${__softMAKEFLAGS} www-site); \
 	    if [ ! -z "$${www_site}" ]; then \
Index: Tools/scripts/security-check.awk
===================================================================
RCS file: /home/ncvs/ports/Tools/scripts/security-check.awk,v
retrieving revision 1.1
diff -u -r1.1 security-check.awk
--- Tools/scripts/security-check.awk	19 Jan 2004 22:19:00 -0000	1.1
+++ Tools/scripts/security-check.awk	8 Jun 2004 14:38:09 -0000
@@ -9,6 +9,7 @@
 	split("", setuid_binaries);
 	split("", writable_files);
 	split("", startup_scripts);
+	split("", pthreads_libs);
 	header_printed = 0;
 }
 FILENAME ~ /\.flattened$/ {
@@ -18,7 +19,6 @@
 FILENAME ~ /\.objdump$/ {
 	if (match($0, /: +file format [^ ]+$/)) {
 		file = substr($0, 1, RSTART - 1);
-		stupid_functions = "";
 		next;
 	}
 	if (file == "")
@@ -29,6 +29,16 @@
 	if ($3 ~ /^(accept|recvfrom)$/)
 		network_binaries[file] = 1;
 }
+FILENAME ~ /\.ldd$/ {
+	if (match($0, /:$/)) {
+		file = substr($0, 1, RSTART - 1);
+		next;
+	}
+	if (file == "")
+		next;
+	if ($1 ~ /^(libc_r|libpthread|libthr).so/)
+		pthreads_libs[file] = $3;
+}
 FILENAME ~ /\.setuid$/ { setuid_binaries[$0] = 1; }
 FILENAME ~ /\.writable$/ { writable_files[$0] = 1; }
 function print_header() {
@@ -79,6 +89,20 @@
 		if (note_printed)
 			print "";
 	}
+
+	note_printed = 0;
+	for (file in pthreads_libs) {
+		if (!note_printed) {
+			print_header();
+			print "      This port has installed the following shared libraries which are";
+			print "      incorrectly linked to a pthreads shared library.";
+			note_printed = 1;
+		}
+		printf "%s (linked to %s)\n", file, pthreads_libs[file];
+	}
+	if (note_printed)
+		print "";
+
 	note_printed = 0;
 	for (file in writable_files) {
 		if (!note_printed) {