Date: Tue, 18 Jun 2002 09:57:36 -0700 From: Kameron Gasso <kgasso@blort.org> To: Brett Glass <brett@lariat.org> Cc: Eric Anderson <anderson@centtech.com>, Sheldon Hearn <sheldonh@starjuice.net>, security@freebsd.org Subject: Re: CDs with patched Apache? Message-ID: <20020618095736.A89330@blort.org> In-Reply-To: <4.3.2.7.2.20020618094300.03202e50@localhost>; from brett@lariat.org on Tue, Jun 18, 2002 at 09:45:52AM -0600 References: <7957.1024403108@axl.seasidesoftware.co.za> <3D0F3010.A9F0995A@centtech.com> <4.3.2.7.2.20020618094300.03202e50@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] * At 08:47PDT on 06/18/2002, Brett Glass <brett@lariat.org> wrote: > At 07:05 AM 6/18/2002, Eric Anderson wrote: > > >Maybe FreeBSD needs an "security update check" tool built into sysinstall, that > >will do something like: > > > >If system is being installed from the net, or installing packages from the net, > >automatically grab the update list, and show user possible security risks - > >possibly asking the user if they would like to upgrade their package/system > >right then. > > Excellent idea! I agree that this would be useful, especially to users new to FreeBSD - it not only gives them a chance to update any packages prior to installing, but might also give them warm fuzzies knowing that their newfound OS was "neat" enough to check for updates. Either that, or it'll spark their hidden paranoia... ;) Seriously though, a project like this would require someone with both enough knowledge and enough free time to head it up. I know that with a full-time job and attempting to spend time with friends and family, I'm not left with much time available for things of this sort - and I'm sure other people who would love to pursue a project of this sort are in the same boat as well. If this is really something that the FreeBSD community is willing to go forward with, a team should be formed to decide how to best tackle this undertaking. Since we're starting to get a little offtopic here, I'll stop spamming -security with this thread. If anyone wishes to discuss this with me any further, I'd be happy to communicate off-list. Cheers, -- Kameron Gasso <kgasso@blort.org> PGP key at http://blort.org/~kgasso/pgpkey.txt (PS: Brett, yes, the idea for the domain was originally ripped from Don Martin's work for MAD. Good call... -k) [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE9D2aARa4UJDpmZqQRAlHfAJ9GGdBCMPGs2iG3/LeZAgxm17BH4ACfc/7i gyotyncJxVyEj3SqZ9nBYsw= =Kl8c -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618095736.A89330>