Date:      Sun, 4 Apr 2004 01:00:50 +0800
From:      Xin LI <delphij@frontfree.net>
To:        "Simon L. Nielsen" <simon@FreeBSD.org>
Cc:        cvs-doc@FreeBSD.org
Subject:   Re: cvs commit: doc/en_US.ISO8859-1/books/handbook/ports chapter.sgml
Message-ID:  <20040403170050.GC2898@frontfree.net>
In-Reply-To: <20040403163003.GE870@zaphod.nitro.dk>
References:  <200404031621.i33GLXi0093774@repoman.freebsd.org> <20040403163003.GE870@zaphod.nitro.dk>

On Sat, Apr 03, 2004 at 06:30:04PM +0200, Simon L. Nielsen wrote:
>
> On 2004.04.03 08:21:33 -0800, Marc Fonvieille wrote:
> > blackend    2004/04/03 08:21:33 PST
> >
> >   FreeBSD doc repository
> >
> >   Modified files:
> >     en_US.ISO8859-1/books/handbook/ports chapter.sgml
> >   Log:
> >   Add some warnings: people should check http://vuxml.freebsd.org/ before
> >   installing any application.
>
> Isn't that a bit overkill?  Ports that have security issues are marked
> FORBIDDEN so users can't install them.  If people want extra security
> they can use portaudit which checks the vuxml databases automatically.
>
> I also think it would be very hard to check vuxml manually in many
> cases, since ports can have a lot of dependencies, which might also
> contain security problems.

I think we'd better introduce portaudit to users, so I'd propose
the patch attached.

Cheers,
-- 
Xin LI <delphij frontfree net>	http://www.delphij.net/
See complete headers for GPG key and other information.


Index: en_US.ISO8859-1/books/handbook/ports/chapter.sgml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /home/ncvs/doc/en_US.ISO8859-1/books/handbook/ports/chapter.sgml,v
retrieving revision 1.216
diff -u -r1.216 chapter.sgml
--- en_US.ISO8859-1/books/handbook/ports/chapter.sgml	3 Apr 2004 16:21:33 -=
0000	1.216
+++ en_US.ISO8859-1/books/handbook/ports/chapter.sgml	3 Apr 2004 16:59:48 -=
0000
@@ -218,6 +218,11 @@
       <para>Before installing any application, you should check <ulink
 	url=3D"http://vuxml.freebsd.org/"></ulink>; for security issues
 	related to your application.</para>
+      <para>You can also install <filename role=3D"package">security/porta=
udit</filename>
+	which will automatically check all installed packages/ports, and
+	before you are building a port. Meanwhile, you can have a
+	<command>portaudit -F -a</command> after you have installed some
+	packages.</command></para>
     </warning>
=20
     <para>The remainder of this chapter will explain how to use
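Review bot: The added paragraph ends with "packages.</command></para>", but its only <command> element is already closed right after "portaudit -F -a", so the trailing </command> is an unmatched end tag and the chapter will not validate; the line should end "packages.</para>". The wording also needs a pass: "and before you are building a port" has no verb of its own and "you can have a portaudit -F -a" is hard to parse; something like "which automatically checks all installed packages and ports, and checks a port before it is built. You can also run portaudit -F -a after installing packages." would read better. Since the reader is told to type -F and -a, the paragraph should say what each flag does.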
@@ -754,6 +759,14 @@
 	  an up-to-date ports collection and you should check <ulink
 	  url=3D"http://vuxml.freebsd.org/"></ulink>; for security issues
 	  related to your port.</para>
+	<para>This can be automatically done by <command>portaudit</command>
+	  which could be founded in <filename
+	  role=3D"package">security/portaudit</filename>. Consider running
+	  <command>portaudit -F</command> before you are installing a
+	  new port, and the ports system will check the port for
+	  security issues for you automatically. As a bonus, a security
+	  audit will be sent with your periodic mail everyday to report
+	  whether new problems are found.</para>
       </warning>
=20
       <sect3 id=3D"ports-cd">
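Review bot: The sentence "Consider running portaudit -F before you are installing a new port, and the ports system will check the port for security issues for you automatically" reads as if the manual command is what triggers the automatic check, while the paragraph added in the first hunk says the check comes from having security/portaudit installed; state which it is, and say what -F does, so the two warnings agree. Wording fixes in the same paragraph: "which could be founded in" should be "which can be found in", "before you are installing" should be "before installing", and "everyday" should be "every day". "As a bonus" undersells the daily report; the periodic mail is the part that tells an administrator about problems disclosed after installation, so it deserves a plain statement rather than an aside.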
