From owner-freebsd-stable  Tue Apr 24 12:59: 7 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from mail.tgd.net (rand.tgd.net [64.81.67.117])
	by hub.freebsd.org (Postfix) with SMTP id 02C2737B440
	for <freebsd-stable@FreeBSD.ORG>; Tue, 24 Apr 2001 12:59:02 -0700 (PDT)
	(envelope-from sean@mailhost.tgd.net)
Received: (qmail 9800 invoked by uid 1001); 24 Apr 2001 19:58:58 -0000
Date: Tue, 24 Apr 2001 12:58:58 -0700
From: Sean Chittenden <sean@chittenden.org>
To: "Bruce A. Mah" <bmah@FreeBSD.ORG>
Cc: Kris Kennaway <kris@obsecurity.org>,
	Calvin NG <calvinng@brel.com>,
	Sean Chittenden <sean-freebsd-stable@chittenden.org>,
	Jeff Kletsky <Jeff+freebsd@wagsky.com>, freebsd-stable@FreeBSD.ORG
Subject: Re: pkg_version perl hacker project
Message-ID: <20010424125858.M19530@rand.tgd.net>
References: <Pine.BSF.4.21.0104230806060.27435-100000@wildside.wagsky.com> <20010423231827.A19530@rand.tgd.net> <20010424142340.E5216@brel.com> <20010424014833.B19530@rand.tgd.net> <20010424120052.H89156@xor.obsecurity.org> <200104241907.f3OJ7u103414@bmah-freebsd-0.cisco.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="Vxa5joy26gVGOrvU"
Content-Disposition: inline
In-Reply-To: <200104241907.f3OJ7u103414@bmah-freebsd-0.cisco.com>; from "bmah@FreeBSD.ORG" on Tue, Apr 24, 2001 at = 12:07:56PM
X-PGP-Key: 0x1EDDFAAD
X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD
X-Web-Homepage: http://sean.chittenden.org/
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


--Vxa5joy26gVGOrvU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

=09

On Tue, Apr 24, 2001 at 12:07:56PM -0700, Bruce A. Mah wrote:
> Think about where to put the parsed set of vulnerable packages.

	With this comment, I'm lead to believe that there is no
central place where ports that have been marked as FORBIDDEN resides.
Fact or fiction?  Would anyone object to a new ports top level
directory called one of the following (or any combination thereof):

/usr/ports/Security
/usr/ports/Pkg-advisories
/usr/ports/Misc/Security/ports-advisories

	Something with an uppercase that should stay out of the way of
normal.

> It might live under /usr/ports or reside somewhere on the network.

	Being security consious, I'd be in favor of both, but a local
copy should be sufficient.

> Use fetch(1) to grab it from there, like pkg_version does for the
> INDEX file.

	Agreed && noted.  -sc


--=20
Sean Chittenden

--Vxa5joy26gVGOrvU
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Comment: Sean Chittenden <sean@chittenden.org>

iEYEARECAAYFAjrl2wIACgkQn09c7x7d+q2ezQCghjY9/I7UoO8xcAzb6iHzWtL+
pf8AnidC6k9aeNWa6k9nXLlLWs1P/Q5P
=0u8k
-----END PGP SIGNATURE-----

--Vxa5joy26gVGOrvU--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message