Date: Wed, 19 Dec 2007 19:30:11 -0800 From: "Kurt Buff" <kurt.buff@gmail.com> To: jekillen <jekillen@prodigy.net> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: e-mail to root Message-ID: <a9f4a3860712191930h5c5237e0k966dd3b7ff7ae89c@mail.gmail.com> In-Reply-To: <e4f5c90ff64ee7b4d210d5597ff25e33@prodigy.net> References: <e4f5c90ff64ee7b4d210d5597ff25e33@prodigy.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 19, 2007 6:54 PM, jekillen <jekillen@prodigy.net> wrote: > Hello: > Is there a manual or other publication that deals specifically with > reading e-mail messages to root for FreeBSD? I have gotten a > message: > > setuid diffs: > --- /var/log/setuid.today Sat Sep 8 03:01:34 2007 > +++ /tmp/security.9Jz0CWds Wed Dec 19 03:01:38 2007 > > followed by references to various programs > > then the next segment: > Checking for a current audit database: > > Downloading fresh database. > auditfile.tbz 46 kB 42 kBps > New database installed. > Database created: Wed Dec 19 14:40:00 PST 2007 > > Checking for packages with security vulnerabilities: > > followed by numerous references to programs and > files on the FreeBSD site. > > and I do not know quite what this means. It means that you have portaudit installed, and it's run as part of the daily scripts. That's a good thing. I'd recommend consulting the portaudit man page What it's found are packages on your machine that have security bulletins against them - that is, the packages named have vulnerabilities known to the FreeBSD Security team, which they believe should be patched. There's a link to the bulletin for each one - I think you'll find it enlightening to read some or all of them. I'd do a 'pkg_add -r portupgrade' to install that package, do a cvsup to get a current ports tree, then assess, very carefully, what you want to upgrade. IMHO all of the packages mentioned should probably get upgraded, unless you have *exceptional* reasons not to. To upgrade you can do 'portupgrade <packagename>' for each package named, or if you're feeling bold, 'portupgrade -aRr'. > I know that setuid is cause > for concern. I have three other machines with FreeBSD, with one > going back over a year of virtually continuous 24/7 operation and > this is the first time I have seen this type of message. For the > programs > reported with security problems it begs the question of dependencies > if they are removed or updated. Some references are to cups and > fetchmail > neither of which I use or have use for, that I am aware of. Portupgrade will take care of dependencies. No worries, though you should also peruse the man page for portupgrade to get your knowledge up. > This > particular > machine is primarily a web server. It does have Postfix running but just > uses local delivery and only listens on private network interface. > I am also a little dubious about posting any specifics to a public > mailing > list. > I am admittedly a novice at this (on all my own systems so no one > else's behind is on the line). Short of paying consultation fees to > someone, this is about the only live contact I have on the subject. > Thanks in advance for info: We were all novices - I still am, in far too many ways. Don't sweat it, and keep asking questions. Also, start reading the FreeBSD Handbook - it's online, and also downloadable, and covers this very topic. Kurt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a9f4a3860712191930h5c5237e0k966dd3b7ff7ae89c>