Date: Tue, 8 Mar 2005 21:51:31 +0800 (WST) From: David Adam <zanchey@ucc.gu.uwa.edu.au> To: =?ISO-8859-1?Q?Stian_=D8vrev=E5ge?= <sovrevage@gmail.com> Cc: freebsd-newbies@freebsd.org Subject: Re: Secure installation and updating Message-ID: <Pine.LNX.4.58.0503082139010.4139@mussel.ucc.gu.uwa.edu.au> In-Reply-To: <bf68260705030706044f1247ba@mail.gmail.com> References: <bf68260705030706044f1247ba@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Stian, A question this technical really needs to go to freebsd-questions@freebsd.org rather than the newbie discussion list. Having said that: yes, you can download the entire /usr/src tree in a variety of ways. http://www.freebsd.org/support.html#cvs lists a few - you might want to carry a custom-built FreeSBIE (www.freesbie.org) CD with cvsup-without-gui installed on it to use CVS. That also gives you the security of knowing that at least there are no software security breaches on your download system. I would recommend that you don't mount the pen drive as /usr/src, but rather copy all the files (or better yet, a tarball) to /usr/src on your target system. This will probably make things faster/better. If you do mount the pen drive as /usr/src, remember to mark it noatime! (Although there was a post above noting that checksums are used, remember that if you can modify arbitrary traffic, you can modify the checksums too. See dns/dnshijacker and security/ettercap for some interesting insights.) Cheers, David Adam zanchey@ucc.gu.uwa.edu.au
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.58.0503082139010.4139>