From owner-cvs-all@FreeBSD.ORG Sat Apr 3 09:19:21 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6D4C16A4CE; Sat, 3 Apr 2004 09:19:21 -0800 (PST) Received: from pfepa.post.tele.dk (pfepa.post.tele.dk [195.41.46.235]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7B30F43D2D; Sat, 3 Apr 2004 09:19:21 -0800 (PST) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (0x53584e1d.boanxx18.adsl-dhcp.tele.dk [83.88.78.29]) by pfepa.post.tele.dk (Postfix) with ESMTP id 4142947FE1D; Sat, 3 Apr 2004 19:19:20 +0200 (CEST) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 44B89114B2; Sat, 3 Apr 2004 19:19:19 +0200 (CEST) Date: Sat, 3 Apr 2004 19:19:19 +0200 From: "Simon L. Nielsen" To: "Jacques A. Vidrine" , Marc Fonvieille , doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org, cvs-all@FreeBSD.org Message-ID: <20040403171918.GG870@zaphod.nitro.dk> References: <200404031621.i33GLXi0093774@repoman.freebsd.org> <20040403163003.GE870@zaphod.nitro.dk> <20040403170558.GA81162@madman.celabo.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="hK8Uo4Yp55NZU70L" Content-Disposition: inline In-Reply-To: <20040403170558.GA81162@madman.celabo.org> User-Agent: Mutt/1.5.6i Subject: Re: cvs commit: doc/en_US.ISO8859-1/books/handbook/ports chapter.sgml X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Apr 2004 17:19:21 -0000 --hK8Uo4Yp55NZU70L Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2004.04.03 11:05:58 -0600, Jacques A. Vidrine wrote: > On Sat, Apr 03, 2004 at 06:30:04PM +0200, Simon L. Nielsen wrote: > > > Isn't that a bit overkill? Ports that have security issues are marked > > FORBIDDEN so users can't install them. If people want extra securirty > > they can use portaudit which checks the vuxml databases automatically. > >=20 > > I also think it would be very hard to check vuxml manually in many > > cases, since ports can have a lot of dependencies, which might also > > contain security problems. >=20 > I haven't looked at the diff, but, it would probably be good to say more > or less: >=20 > Please check http://vuxml.freebsd.org/ for security issues, or you > can use portaudit to automate the checking for you. Yes, exactly the point I was trying (and probably failing) to make. --=20 Simon L. Nielsen FreeBSD Documentation Team --hK8Uo4Yp55NZU70L Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAbvIWh9pcDSc1mlERAiBfAJ4lQUj9OIR0//TSwXa6iByrgPO79gCfSIGM aFBGOyT2htzcX69Js9IVUD8= =6XfS -----END PGP SIGNATURE----- --hK8Uo4Yp55NZU70L--