From owner-freebsd-security@FreeBSD.ORG Sun May 2 10:29:17 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C780816A4CE for ; Sun, 2 May 2004 10:29:17 -0700 (PDT) Received: from avgw.bjut.edu.cn (avgw.bjut.edu.cn [202.112.78.85]) by mx1.FreeBSD.org (Postfix) with SMTP id C483F43D41 for ; Sun, 2 May 2004 10:29:16 -0700 (PDT) (envelope-from delphij@frontfree.net) Received: from beastie.frontfree.net ([218.107.145.7]) by avgw.bjut.edu.cn (SAVSMTP 3.1.5.43) with SMTP id M2004050301291202603 for ; Mon, 03 May 2004 01:29:12 +0800 Received: from localhost (localhost [127.0.0.1]) by beastie.frontfree.net (Postfix) with ESMTP id 0A5341175D for ; Mon, 3 May 2004 01:29:12 +0800 (CST) Received: from beastie.frontfree.net ([127.0.0.1]) by localhost (beastie.frontfree.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 00383-06 for ; Mon, 3 May 2004 01:29:11 +0800 (CST) Received: by beastie.frontfree.net (Postfix, from userid 1001) id DBE9711706; Mon, 3 May 2004 01:29:10 +0800 (CST) Date: Mon, 3 May 2004 01:29:10 +0800 From: Xin LI To: freebsd-security@FreeBSD.org Message-ID: <20040502172910.GA775@frontfree.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8t9RHnE3ZwKMSgU+" Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-GPG-key-ID/Fingerprint: 0xCAEEB8C0 / 43B8 B703 B8DD 0231 B333 DC28 39FB 93A0 CAEE B8C0 X-GPG-Public-Key: http://www.delphij.net/delphij.asc X-Operating-System: FreeBSD beastie.frontfree.net 5.2-CURRENT FreeBSD 5.2-CURRENT #33: Mon Apr 26 15:10:21 CST 2004 delphij@beastie.frontfree.net:/usr/obj/usr/src/sys/BEASTIE i386 X-URL: http://www.delphij.net X-By: delphij@beastie.frontfree.net X-Location: Beijing, China X-Virus-Scanned: by amavisd-new at frontfree.net Subject: What's our current policy on ports FORBIDDEN knob? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 May 2004 17:29:17 -0000 --8t9RHnE3ZwKMSgU+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Greetings, I'm a little curious about the way FORBIDDEN knob is used in ports system. Traditionally, we use it to mark a port which have known security issue, with the new vuxml mechanism, are we still doing the same thing when necessary? Or, only the "critical" ones, for example, remote exploitable buffer overruns, etc? If the second assumption (only critical ones are marked FORBIDDEN) is true, then what's our criteria of what should be marked FORBIDDEN or not? Say, how serious a bug should be before a port is marked FORBIDDEN? Someone who knows about these things please clarify this. Thanks in advance! Cheers, --=20 Xin LI http://www.delphij.net/ See complete headers for GPG key and other information. --8t9RHnE3ZwKMSgU+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAlS/mOfuToMruuMARAgvbAJ9JBZ4CNDaAmp8B/0Q5PJy4k9YsqwCfVRtJ YGZ6AVtdjrXyJet5kIvCXik= =g7ca -----END PGP SIGNATURE----- --8t9RHnE3ZwKMSgU+--