From owner-freebsd-security Fri Dec 15 18:43:19 2000 From owner-freebsd-security@FreeBSD.ORG Fri Dec 15 18:43:16 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from hotmail.com (f25.law7.hotmail.com [216.33.237.25]) by hub.freebsd.org (Postfix) with ESMTP id 056D337B402 for ; Fri, 15 Dec 2000 18:43:16 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 15 Dec 2000 18:43:15 -0800 Received: from 209.53.54.44 by lw7fd.law7.hotmail.msn.com with HTTP; Sat, 16 Dec 2000 02:43:15 GMT X-Originating-IP: [209.53.54.44] From: "Some Person" To: jameslpin@pacific.net.sg, freebsd@hexdump.org, meshko@cs.brandeis.edu Cc: aj@entic.net, jrz@cnmnetwork.com, security@FreeBSD.ORG Subject: Re: Security Update Tool.. Date: Sat, 16 Dec 2000 02:43:15 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 16 Dec 2000 02:43:15.0843 (UTC) FILETIME=[F0C8C530:01C06709] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org So my idea wasn't so bad after all? :) I figure atleast it might give some ideas to those who know more than what I can do, and maybe enlighten some more ideas rooting from this. > >Hi all, > Seems like today we have 2 ideas, ports autoupdate utility ( >security checks too ) as well as for the src base itself? > > >James Lim >Technical Support Executive > >Pacific Internet Limited >89 Science Park Drive >#02-05/06 The Rutherford >Singapore 118261 > >Finger evilfry@sg.freebsd.org for PGP key. > >----- Original Message ----- >From: "Jeff Gentry" >To: "Mikhail Kruk" >Cc: "Anil Jangity" ; "jrz" ; > >Sent: Saturday, December 16, 2000 9:59 AM >Subject: Re: Security Update Tool.. > > > > On Fri, 15 Dec 2000, Mikhail Kruk wrote: > > > I'm not sure that many people would like that kind of automation, but >what > > > is really missing IMHO is ability to mark ports whichs are insecure >and > > > add some option to pkg_info which will check all installed packages. I > > > think OpenBSD has exacty this, no? > > > > I don't think it has to be automated *and* "behind the covers" ... > > I think a 2 stage process would be good -> first stage figures out what > > (if any) you need, and if possible, explains why. The 2nd stage would > > allow you to apply changes if you wanted to or not. > > > > -- > > Jeff Gentry jester@hexdump.org gentrj@hexdump.org > > SEX DRUGS UNIX > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message