Date: Wed, 4 Feb 2004 21:38:21 +0200
From: Ion-Mihai Tetcu
To: Ion-Mihai Tetcu
cc: Gautam Gopalakrishnan
cc: FreeBSD User Questions List
Subject: Re: Vulnerability check disabled

On Wed, 4 Feb 2004 21:26:01 +0200
Ion-Mihai Tetcu wrote:

[..]
> >>> Type: FEATURE
> > Title: Do not install ports with security vulnerabilities
[..]
> Now, maybe this could be clarified a little bit in CHANGES ?
>
> Like:
> __
>
> For using the new security feature of ports infrastructure, you should:
> cd /usr/ports/security/portaudit; make install

Note that this is a prerelease version, it is mostly usable for committers
that want to contribute to the project, and can currently not be relied
upon as an extensive security auditing tool.

> /usr/local/etc/periodic/daily/330.fetchaudit
> To test:
> cd /usr/ports/security/vulnerability-test-port
> make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
>
> A message like this should appear:
> ===> vulnerability-test-port-2004.01.14 has known vulnerabilities:
> >> Not vulnerable, just a test port (database: 2004-01-28).
> Reference:
> >> Please update your ports tree and try again.
> *** Error code 1
>
> If you don't install this port, for the majority of make's targets you
> will get the following message:
> ===> Vulnerability check disabled
> __
>
>
> IMHO, as this is a long desired feature, a news on announce@ / security /
> security-notifications could be sent.
>
> Now, what is the status of the vulnerabilities database ?

Did I just respond to my question ?

-- 
IOnut
Unregistered ;) FreeBSD user
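
Added example, not part of the original message and not code from portaudit or the ports tree: a shell filter that classifies a ports build log by the two messages quoted in the thread, so saved logs can be checked for builds that ran with the vulnerability check disabled. The function name `classify_port_log`, the output format and the sample logs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Classify ports "make" output (read from stdin) by the messages quoted above.
# Prints one line per finding:
#   blocked <pkg> database=<date>  a port was refused as vulnerable
#   disabled seen=<n>              "Vulnerability check disabled" appeared
#   clean -                        neither message was present
classify_port_log() {
    awk '
        /^===> +Vulnerability check disabled/ { disabled++; next }
        /^===> +.* has known vulnerabilities:/ {
            # A previous hit without a database line is still reported.
            if (pkg != "") { printf "blocked %s database=unknown\n", pkg; blocked++ }
            pkg = $2                    # package name follows "===>"
            next
        }
        pkg != "" && /^>> / && /\(database: / {
            db = $0
            sub(/.*\(database: /, "", db)   # keep text after "(database: "
            sub(/\).*/, "", db)             # drop the closing paren and rest
            printf "blocked %s database=%s\n", pkg, db
            blocked++; pkg = ""
            next
        }
        END {
            if (pkg != "") { printf "blocked %s database=unknown\n", pkg; blocked++ }
            if (disabled) printf "disabled seen=%d\n", disabled
            if (!disabled && !blocked) print "clean -"
        }
    '
}

# Constructed sample logs, built from the messages quoted in the thread.
SAMPLE_BLOCKED='===>  vulnerability-test-port-2004.01.14 has known vulnerabilities:
>> Not vulnerable, just a test port (database: 2004-01-28).
>> Please update your ports tree and try again.
*** Error code 1'
SAMPLE_DISABLED='===>  Vulnerability check disabled
===>  Extracting for example-port-1.0'

printf '%s\n' "$SAMPLE_BLOCKED"  | classify_port_log
printf '%s\n' "$SAMPLE_DISABLED" | classify_port_log
```

A `disabled` result means the build ran without any audit, which is different from `clean`, where the check message was simply absent from the log.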