Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 4 Feb 2004 21:38:21 +0200
From:      Ion-Mihai Tetcu <itetcu@apropo.ro>
To:        Ion-Mihai Tetcu <itetcu@apropo.ro>
Cc:        FreeBSD User Questions List <freebsd-questions@freebsd.org>
Subject:   Re: Vulnerability check disabled
Message-ID:  <20040204213821.1803b3f0@it.buh.cameradicommercio.ro>
In-Reply-To: <20040204212601.42d6f19f@it.buh.cameradicommercio.ro>
References:  <20040204193127.70e3568f.ggop@myrealbox.com> <20040204201702.55f0321f@it.buh.cameradicommercio.ro> <1075919144.761.13.camel@gyros> <20040204212601.42d6f19f@it.buh.cameradicommercio.ro>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 4 Feb 2004 21:26:01 +0200
Ion-Mihai Tetcu <itetcu@apropo.ro> wrote:

[..]

> >>> Type: FEATURE
> 
>  Title: Do not install ports with security vulnerabilities
 
[..]
 
> Now, maybe this could be clarified a little bit in CHANGES ?
> 
> Like:
> __
> 
> For using the new security feature of ports infrastructure, you should:
> cd /usr/ports/security/portaudit; make install

Note that this is a prerelease version, it is mostly usable for
committers that want to contribute to the project, and can currently
not be relied upon as an extensive security auditing tool.

> /usr/local/etc/periodic/daily/330.fetchaudit
> To test:
> cd /usr/ports/security/vulnerability-test-port
> make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
> 
> A message like this should appear:
>  ===>  vulnerability-test-port-2004.01.14 has known vulnerabilities:
>  >> Not vulnerable, just a test port (database: 2004-01-28).
>     Reference: <http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vulnerability-test-port/>;
>  >> Please update your ports tree and try again.
>  *** Error code 1
> 
> If you don't install this port, for the majority of make's targtets you
> will get the following message:
> ===>  Vulnerability check disabled
> __
> 
> 
> IMHO, as this is a log desired feature, a news on annouce@ / security /
> security-notifications could be send.
> 
> Now, what is the status of the vulnerabilities database ?

Did I just responded to my question ?

-- 
IOnut
Unregistered ;) FreeBSD user



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040204213821.1803b3f0>