From owner-freebsd-security Tue Jun 18 9:57:56 2002 Delivered-To: freebsd-security@freebsd.org Received: from blort.org (blort.org [208.8.184.14]) by hub.freebsd.org (Postfix) with ESMTP id 294D437B406 for ; Tue, 18 Jun 2002 09:57:47 -0700 (PDT) Received: by blort.org (Postfix, from userid 1001) id 2B56D21051; Tue, 18 Jun 2002 09:57:37 -0700 (PDT) Date: Tue, 18 Jun 2002 09:57:36 -0700 From: Kameron Gasso To: Brett Glass Cc: Eric Anderson , Sheldon Hearn , security@freebsd.org Subject: Re: CDs with patched Apache? Message-ID: <20020618095736.A89330@blort.org> Reply-To: kgasso@blort.org References: <7957.1024403108@axl.seasidesoftware.co.za> <3D0F3010.A9F0995A@centtech.com> <4.3.2.7.2.20020618094300.03202e50@localhost> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ibTvN161/egqYuK8" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <4.3.2.7.2.20020618094300.03202e50@localhost>; from brett@lariat.org on Tue, Jun 18, 2002 at 09:45:52AM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --ibTvN161/egqYuK8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * At 08:47PDT on 06/18/2002, Brett Glass wrote: > At 07:05 AM 6/18/2002, Eric Anderson wrote: >=20 > >Maybe FreeBSD needs an "security update check" tool built into sysinstal= l, that > >will do something like: > > > >If system is being installed from the net, or installing packages from t= he net, > >automatically grab the update list, and show user possible security risk= s - > >possibly asking the user if they would like to upgrade their package/sys= tem > >right then. >=20 > Excellent idea! I agree that this would be useful, especially to users new to FreeBSD - it = not only gives them a chance to update any packages prior to installing, bu= t might also give them warm fuzzies knowing that their newfound OS was "nea= t" enough to check for updates. Either that, or it'll spark their hidden p= aranoia... ;) Seriously though, a project like this would require someone with both enoug= h knowledge and enough free time to head it up. I know that with a full-ti= me job and attempting to spend time with friends and family, I'm not left w= ith much time available for things of this sort - and I'm sure other people= who would love to pursue a project of this sort are in the same boat as we= ll. If this is really something that the FreeBSD community is willing to go for= ward with, a team should be formed to decide how to best tackle this undert= aking. Since we're starting to get a little offtopic here, I'll stop spamming -sec= urity with this thread. If anyone wishes to discuss this with me any furth= er, I'd be happy to communicate off-list. Cheers, --=20 Kameron Gasso PGP key at http://blort.org/~kgasso/pgpkey.txt (PS: Brett, yes, the idea for the domain was originally ripped from Don Mar= tin's work for MAD. Good call... -k) --ibTvN161/egqYuK8 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE9D2aARa4UJDpmZqQRAlHfAJ9GGdBCMPGs2iG3/LeZAgxm17BH4ACfc/7i gyotyncJxVyEj3SqZ9nBYsw= =Kl8c -----END PGP SIGNATURE----- --ibTvN161/egqYuK8-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message