From owner-freebsd-security Tue Aug 27 9:54:55 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9EB9937B400 for ; Tue, 27 Aug 2002 09:54:52 -0700 (PDT) Received: from bubbles.electricutopia.net (bubbles.electricutopia.net [63.214.178.76]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4739B43E86 for ; Tue, 27 Aug 2002 09:54:51 -0700 (PDT) (envelope-from dave@slickness.org) Received: by bubbles.electricutopia.net (Postfix, from userid 1001) id 6ECA115485; Tue, 27 Aug 2002 09:53:47 -0700 (PDT) Date: Tue, 27 Aug 2002 09:53:47 -0700 From: David Olbersen To: freebsd-security@freebsd.org Subject: Ports are insecure? Message-ID: <20020827165347.GA12522@slickness.org> Mail-Followup-To: freebsd-security@freebsd.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="G4iJoqBmSsgzjUCe" Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I read (in this list I think) that somebody was of the opinion that every port installed decreases the security of a machine. How exactly does that work? Is this based in the idea that nearly anybody can contribute a port, but the core system is reviewed by a team? And, if I'm to believe this and limit my use of ports, doesn't that mean I'll be doing a lot of build-worlding to update specific applications? I'm probably just not understanding all the upgrade paths. Could somebody help me understand? --=20 Dave --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9a66brtSBoeosATgRAppDAJ4mRRDzkXudgIGc3pU2ETnZ5+LrIgCfYgOs K/tX7qb2RcNhrbmWqKMZ5XU= =9Gvi -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message