Date: Sat, 15 Jul 2000 08:04:54 -0700 From: bmah@cisco.com (Bruce A. Mah) To: Ben Smithurst <ben@FreeBSD.ORG> Cc: Warner Losh <imp@village.org>, Stijn Hoop <stijn@win.tue.nl>, "Bruce A. Mah" <bmah@cisco.com>, ports@FreeBSD.ORG Subject: Re: Version question/request Message-ID: <200007151504.e6FF4se08289@bmah-freebsd-0.cisco.com> In-Reply-To: <20000715134504.E84045@strontium.scientia.demon.co.uk> References: <20000715115404.D92785@pcwin002.win.tue.nl> <200007150511.XAA01511@billy-club.village.org> <200007150550.e6F5o0P02257@bmah-freebsd-0.cisco.com> <20000715115404.D92785@pcwin002.win.tue.nl> <200007151007.EAA46560@harmony.village.org> <20000715134504.E84045@strontium.scientia.demon.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
--==_Exmh_-1867284186P Content-Type: text/plain; charset=us-ascii If memory serves me right, Ben Smithurst wrote: > Warner Losh wrote: > > > You wouldn't have to CVSUP anything. there's be a database maintained > > by the security officer that would contain known bad version ranges. > > The script would contact a central database server, or one of the > > mirrors, grab the whole database (since it will be relatively small), > > How do you suggest that will work for those of us without permanent > Internet connections? Not all the world has cheap/free net access, you > know. I share this concern. We need to support people who can only pull information to their machines infrequently, not whenever a script on the system decides it needs to fetch something. > I suggest making it optional -- either use a local database, which > you can cvsup, or use the central database for those with a permanent > network connection. Maybe there can be a local cached copy, and then the script can run around (right before doing the checks) and see if there are newer versions on the net, in the ports tree, manually updated from a file, etc. Clearly the cache has to be revalidated with respect to its (pick your favorite cryptographic checksum) signing. Bruce. --==_Exmh_-1867284186P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: h/PD66mZ3yOUyXUvYmt4qJvrc6HrU2I2 iQA/AwUBOXB9ltjKMXFboFLDEQIEfgCg5bc4DRO6GhoRhIkPkoOD07sh+iYAoJZz rfIomeBQ98vQc8BmtVvFXrXx =RoKr -----END PGP SIGNATURE----- --==_Exmh_-1867284186P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007151504.e6FF4se08289>