From owner-freebsd-stable Tue Apr 24 12:59: 7 2001 Delivered-To: freebsd-stable@freebsd.org Received: from mail.tgd.net (rand.tgd.net [64.81.67.117]) by hub.freebsd.org (Postfix) with SMTP id 02C2737B440 for ; Tue, 24 Apr 2001 12:59:02 -0700 (PDT) (envelope-from sean@mailhost.tgd.net) Received: (qmail 9800 invoked by uid 1001); 24 Apr 2001 19:58:58 -0000 Date: Tue, 24 Apr 2001 12:58:58 -0700 From: Sean Chittenden To: "Bruce A. Mah" Cc: Kris Kennaway , Calvin NG , Sean Chittenden , Jeff Kletsky , freebsd-stable@FreeBSD.ORG Subject: Re: pkg_version perl hacker project Message-ID: <20010424125858.M19530@rand.tgd.net> References: <20010423231827.A19530@rand.tgd.net> <20010424142340.E5216@brel.com> <20010424014833.B19530@rand.tgd.net> <20010424120052.H89156@xor.obsecurity.org> <200104241907.f3OJ7u103414@bmah-freebsd-0.cisco.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Vxa5joy26gVGOrvU" Content-Disposition: inline In-Reply-To: <200104241907.f3OJ7u103414@bmah-freebsd-0.cisco.com>; from "bmah@FreeBSD.ORG" on Tue, Apr 24, 2001 at = 12:07:56PM X-PGP-Key: 0x1EDDFAAD X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD X-Web-Homepage: http://sean.chittenden.org/ Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --Vxa5joy26gVGOrvU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =09 On Tue, Apr 24, 2001 at 12:07:56PM -0700, Bruce A. Mah wrote: > Think about where to put the parsed set of vulnerable packages. With this comment, I'm lead to believe that there is no central place where ports that have been marked as FORBIDDEN resides. Fact or fiction? Would anyone object to a new ports top level directory called one of the following (or any combination thereof): /usr/ports/Security /usr/ports/Pkg-advisories /usr/ports/Misc/Security/ports-advisories Something with an uppercase that should stay out of the way of normal. > It might live under /usr/ports or reside somewhere on the network. Being security consious, I'd be in favor of both, but a local copy should be sufficient. > Use fetch(1) to grab it from there, like pkg_version does for the > INDEX file. Agreed && noted. -sc --=20 Sean Chittenden --Vxa5joy26gVGOrvU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: Sean Chittenden iEYEARECAAYFAjrl2wIACgkQn09c7x7d+q2ezQCghjY9/I7UoO8xcAzb6iHzWtL+ pf8AnidC6k9aeNWa6k9nXLlLWs1P/Q5P =0u8k -----END PGP SIGNATURE----- --Vxa5joy26gVGOrvU-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message