Date: Tue, 27 Aug 2002 10:05:08 -0700
From: Erick Mechler <emechler@techometer.net>
To: David Olbersen <dave@slickness.org>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Ports are insecure?
Message-ID: <20020827170508.GI90157@techometer.net>
In-Reply-To: <20020827165347.GA12522@slickness.org>
References: <20020827165347.GA12522@slickness.org>

:: I read (in this list I think) that somebody was of the opinion that
:: every port installed decreases the security of a machine.

I'm not sure I would go that far, but I would say that for every network
port you have open, the amount of admin time does increase. In a way it
does make it more insecure, but only if you don't keep up with security
upgrades, patches, etc.

:: How exactly does that work? Is this based in the idea that nearly
:: anybody can contribute a port, but the core system is reviewed by a
:: team?

Not just anybody can contribute to a FreeBSD port entry; the commit still
has to be done by an authorized committer. However, it's true that just
about anybody's software package can become a port, so if you just blindly
start installing ports, you might, on rare occasions, install a piece of
software that's been trojaned (take the recent OpenSSH trojan for example).

I hope (maybe) this addressed some of your questions :) If you have more
questions about the ports system, I'd check out the relevant section of the
Handbook:

http://www.freebsd.org/doc/handbook/ports.html

Cheers - Erick

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message