From owner-freebsd-security@FreeBSD.ORG Wed Mar 31 08:53:02 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6421016A4CE for ; Wed, 31 Mar 2004 08:53:02 -0800 (PST) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1567643D2D for ; Wed, 31 Mar 2004 08:53:02 -0800 (PST) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (not verified)) by gw.celabo.org (Postfix) with ESMTP id A53CB5487F; Wed, 31 Mar 2004 10:53:01 -0600 (CST) Received: by madman.celabo.org (Postfix, from userid 1001) id 53AF16D465; Wed, 31 Mar 2004 10:53:01 -0600 (CST) Date: Wed, 31 Mar 2004 10:53:01 -0600 From: "Jacques A. Vidrine" To: Oliver Eikemeier Message-ID: <20040331165301.GA13952@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , Oliver Eikemeier , Michael Nottebrock , FreeBSD Security References: <40687E18.9060907@fillmore-labs.com> <20040329201926.GA88529@madman.celabo.org> <40689343.4080602@fillmore-labs.com> <4068A0AF.2090807@gmx.net> <4068A90A.7000104@fillmore-labs.com> <4068B881.4010304@gmx.net> <20040330045646.GD5998@madman.celabo.org> <406912E7.4040806@gmx.net> <20040330142416.GJ10949@lum.celabo.org> <40699B09.5020107@fillmore-labs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40699B09.5020107@fillmore-labs.com> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.6i cc: FreeBSD Security Subject: Re: cvs commit: ports/multimedia/xine Makefile X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Mar 2004 16:53:02 -0000 On Tue, Mar 30, 2004 at 06:06:33PM +0200, Oliver Eikemeier wrote: > Jacques A. Vidrine wrote: > > >[...] > >In that fashion, users have a choice of security policy. > > Could you elaborate a bit what you mean with `choice of > security policy'? Which different security policies are > there to choose from? Sure. Here are several invented security policies: (a) Do not install ports that have been marked FORBIDDEN. (This is the current de facto security policy.) (b) Do not install ports that have been entered into the VuXML document, and warn me of any of those that are already installed. (portaudit implements this policy) (c) Except for issues that I've marked ignore, do not install/warn me about ports that have been entered into the VuXML document. (My favorite policy.) (d) Shutdown if any ports are installed that are listed in the VuXML document. (I'm just being silly.) (e) Do not install ports with MAINTAINER=idiot@FreeBSD.org, and warn me of any of those that are already installed. (I'm just being silly.) (f) Someone could potentially maintain an adjunct database that lists just ``serious'' (by that person's definition of ``serious'') issues by VuXML ID. Do not install ports in that adjunct database. Hmm. Scenario (f) is essentially what you get when one adds FORBIDDEN= http://vuxml.freebsd.org/...vid...html to a port Makefile. As we've agreed before, ``FORBIDDEN'' is an explicity severity indicator. Other than selecting a default policy, we don't have to choose only a single one of these, but only provide tools for implementing such policies. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org