From owner-cvs-all@FreeBSD.ORG Sat Apr 3 08:47:58 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8848716A4CE; Sat, 3 Apr 2004 08:47:58 -0800 (PST) Received: from abigail.blackend.org (blackend.org [212.11.35.229]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3901843D58; Sat, 3 Apr 2004 08:47:56 -0800 (PST) (envelope-from marc@blackend.org) Received: from abigail.blackend.org (localhost [127.0.0.1]) by abigail.blackend.org (8.12.9/8.12.3) with ESMTP id i33Glmui095121; Sat, 3 Apr 2004 18:47:48 +0200 (CEST) (envelope-from marc@abigail.blackend.org) Received: (from marc@localhost) by abigail.blackend.org (8.12.9/8.12.3/Submit) id i33GllAf095120; Sat, 3 Apr 2004 18:47:47 +0200 (CEST) (envelope-from marc) Date: Sat, 3 Apr 2004 18:47:47 +0200 From: Marc Fonvieille To: "Simon L. Nielsen" Message-ID: <20040403164746.GA89587@abigail.blackend.org> References: <200404031621.i33GLXi0093774@repoman.freebsd.org> <20040403163003.GE870@zaphod.nitro.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="h31gzZEtNLTqOjlF" Content-Disposition: inline In-Reply-To: <20040403163003.GE870@zaphod.nitro.dk> User-Agent: Mutt/1.4.2.1i X-Useless-Header: blackend.org X-Operating-System: FreeBSD 4.8-STABLE cc: doc-committers@FreeBSD.org cc: cvs-doc@FreeBSD.org cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: doc/en_US.ISO8859-1/books/handbook/ports chapter.sgml X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Apr 2004 16:47:58 -0000 --h31gzZEtNLTqOjlF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Apr 03, 2004 at 06:30:04PM +0200, Simon L. Nielsen wrote: [...] > > Log: > > Add some warnings: people should check http://vuxml.freebsd.org/ befo= re > > installing any application. >=20 > Isn't that a bit overkill? Ports that have security issues are marked > FORBIDDEN so users can't install them. If people want extra securirty > they can use portaudit which checks the vuxml databases automatically. >=20 It's overkill for some persons but for persons who have old ports collection, packages on an old CD etc. it's not "too much" to point them to the security issues database. The security aspect was not really mentioned in the ports chapter. > I also think it would be very hard to check vuxml manually in many > cases, since ports can have a lot of dependencies, which might also > contain security problems. Well it's a VuXML issue :) However http://www.vuxml.org/freebsd/index-pkg.html is not a so bad thing. Marc --h31gzZEtNLTqOjlF Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAbuqx81T1MWxkgcoRAtycAKCi5GllXHGojBwsnVdbTpN9j9nYpgCfbLiL 35FbxoYvvU7JW/l/uxMvLQ8= =jUt0 -----END PGP SIGNATURE----- --h31gzZEtNLTqOjlF--