Date: Wed, 17 Nov 2004 15:32:44 -0500 (EST) From: "Dan Mahoney, System Admin" <danm@prime.gushi.org> To: questions@freebsd.org Subject: ports vulnerabilities Message-ID: <20041117150247.Q16295@prime.gushi.org>
next in thread | raw e-mail | index | archive | help
I had heard a bit about the new "vulnerability check" in FreeBSD's ports. I tried reading /usr/ports/updating and saw something like: Description: A new vulnerabilities database has been added to the ports system in order to keep more accurate, up-to-date, track of security vulnerabilities. The ports system now knows how to query that database and dynamically prevents the installation of vulnerable ports. I had to do some more digging around on various googles to find out that in order to USE this ability, I had to install the portaudit port. This seems like a useful feature, but I'm curious: Why isn't this in the base system? I tried to install a port which had a conflict (ImageMagick) but I didn't feel the vulnerability was significant enough to warrant waiting for a new port to be created. I looked in the ports man page for an override environment variable, but "vulnerability check" isn't even mentioned there. Could this please get stuck into the manpages? -Dan Mahoney -- <Zaren> Christ almighty... my EYES! They're melting! -Zaren, Efnet #macintosh, in response to: www.geocities.com/CollegePark/Classroom/1944 The WEBSITE DESIGN class that gave my fiancee a D. --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041117150247.Q16295>