From owner-freebsd-stable@FreeBSD.ORG Mon Nov 17 06:02:41 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1B8AA16A4CF for ; Mon, 17 Nov 2003 06:02:41 -0800 (PST) Received: from web20710.mail.yahoo.com (web20710.mail.yahoo.com [216.136.226.183]) by mx1.FreeBSD.org (Postfix) with SMTP id 8AE0443F3F for ; Mon, 17 Nov 2003 06:02:40 -0800 (PST) (envelope-from caroloveres@yahoo.com) Message-ID: <20031117140240.41031.qmail@web20710.mail.yahoo.com> Received: from [194.151.226.35] by web20710.mail.yahoo.com via HTTP; Mon, 17 Nov 2003 06:02:40 PST Date: Mon, 17 Nov 2003 06:02:40 -0800 (PST) From: Carol Overes To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Secure updating of OS and ports X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Nov 2003 14:02:41 -0000 Hi, I'm looking for a way to update in a secure manner my kernel, binaries and anything from the ports collection. I'm thinking of updating kernel and binaries with patches form ftp.freebsd.org which are siganed with the PGP key of the security officers. However, this has to be hand-made patching. Does anyone know a secure way via for example cvsup ? Also, I'm looking for a secure way to update ports applications. How can I check that patches for ports doesn't contain any trojans for example, or are coming from the original source. Any thoughts about his ? Thanks in advance. Carol Overes __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree