From owner-freebsd-security@FreeBSD.ORG Wed Mar 17 10:52:54 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A50F516A4CE for ; Wed, 17 Mar 2004 10:52:54 -0800 (PST) Received: from postman.arcor.de (postman4.arcor-online.net [151.189.0.154]) by mx1.FreeBSD.org (Postfix) with ESMTP id 160F043D2F for ; Wed, 17 Mar 2004 10:52:54 -0800 (PST) (envelope-from eikemeier@fillmore-labs.com) Received: from fillmore.dyndns.org (port-212-202-51-138.reverse.qsc.de [212.202.51.138]) (authenticated bits=0)i2HIqoD2011918 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 17 Mar 2004 19:52:51 +0100 (MET) Received: from [172.16.0.2] (helo=fillmore-labs.com) by fillmore.dyndns.org with esmtp (Exim 4.30; FreeBSD) id 1B3g9b-000Ihe-Se; Wed, 17 Mar 2004 19:52:35 +0100 Message-ID: <40589E73.80209@fillmore-labs.com> Date: Wed, 17 Mar 2004 19:52:35 +0100 From: Oliver Eikemeier Organization: Fillmore Labs GmbH - http://www.fillmore-labs.com/ MIME-Version: 1.0 To: "Peter C. Lai" References: <20040317070051.GC716@cowbert.2y.net> In-Reply-To: <20040317070051.GC716@cowbert.2y.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit User-Agent: KMail/1.5.9 cc: freebsd-security@freebsd.org Subject: Re: portaudit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Mar 2004 18:52:54 -0000 Peter C. Lai wrote: > Any reason why portaudit and its associated infrastructure was not announced to > this list or security-notifications? Sorry, I wasn't subscribed to security@ until recently, so I didn't though of announcing portaudit on this list. > I recently discovered it, and discovered > the feature was added to bsd.port.mk in the beginning of feburary. Seeing as > the security officer apparently (without announcement) no longer issues > security notices (SNs) for ports, I am assuming that portaudit has replaced > SNs entirely, and that we should rely on that for ports operational security? > [...] I'm sorry there has been so much confusion about portaudit. portaudit is fully functional, so it should be pretty realiable if used on your systems, but here are still some issues I want to straighten out before having an 1.0 release and doing an official announcement: - documented proxy handling - more tunable parameters - a start script for workstations which do not run periodic(8) scripts - maybe add some auditing code to pkg_add I hope to finish these Real Soon Now(tm), and will post an announcement then. Thanks for you heads-up Oliver