Date: Fri, 19 Aug 2005 09:53:36 -0400 From: Kris Kennaway <kris@obsecurity.org> To: "O. Hartmann" <ohartman@mail.uni-mainz.de> Cc: freebsd-questions@freebsd.org Subject: Re: portsnap, only for ports? Message-ID: <20050819135336.GA80271@xor.obsecurity.org> In-Reply-To: <4305B88D.3030202@mail.uni-mainz.de> References: <4305B88D.3030202@mail.uni-mainz.de>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Fri, Aug 19, 2005 at 12:46:37PM +0200, O. Hartmann wrote: > Hello. > I have some questions about portsnap. The intention of portsnap seems to > be reasonable. But I miss a similar facility updating the operating > system! One of the major arguments using portsnap is to avoid the > intrusion of malicous code, injected via a 'man in the middle'. Thinking > of so called root-kits it makes more sense to me securing the updates of > source code of the operating system also or at first place. Are there > any plans doing so? Or alternatives? I still use CVS updating the source > code. Stick to releases, which have signed MD5 checksums that you can verify prior to installing. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDBeRgWry0BWjoQKURAtqCAKDWxbbDdzYZxE0vOuIeHo/rdg7v/gCg1Ssl WafSZfKGMYdQ5MKUqRLi6lA= =HELE -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050819135336.GA80271>