Date: Sat, 12 Sep 1998 20:46:08 -0700 (PDT) From: Marc Slemko <marcs@znep.com> To: Roger Marquis <marquis@roble.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: sshd Message-ID: <Pine.GSO.4.02A.9809122041230.18209-100000@redfish> In-Reply-To: <Pine.SUN.3.96.980912200252.21513B-100000@roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 12 Sep 1998, Roger Marquis wrote: > Secondly, while port A installs under /usr/<newdir>, port B installs to > /usr/local/etc and port C in /usr/libexec, ... You can never be sure Erm... any port that does so (with rare exceptions) is broken and should be fixed. > There's also no way to validate all of the source hosts listed in the > Makefile. We've downloaded hacked versions of a port and had to > redownload and recompile when the hack became obvious (through corrupt > syslogs and attempts to grab /pwd.db). I don't understand what you mean. What do you want to validate about the source host? That they exist? There is already a md5 in the port of the distribution tarball... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.02A.9809122041230.18209-100000>