Date: Sat, 15 Jul 2000 04:07:10 -0600 From: Warner Losh <imp@village.org> To: Stijn Hoop <stijn@win.tue.nl> Cc: "Bruce A. Mah" <bmah@cisco.com>, ports@freebsd.org Subject: Re: Version question/request Message-ID: <200007151007.EAA46560@harmony.village.org> In-Reply-To: Your message of "Sat, 15 Jul 2000 11:54:04 %2B0200." <20000715115404.D92785@pcwin002.win.tue.nl> References: <20000715115404.D92785@pcwin002.win.tue.nl> <200007150511.XAA01511@billy-club.village.org> <200007150550.e6F5o0P02257@bmah-freebsd-0.cisco.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20000715115404.D92785@pcwin002.win.tue.nl> Stijn Hoop writes: : On Fri, Jul 14, 2000 at 10:50:00PM -0700, Bruce A. Mah wrote: : > If memory serves me right, Warner Losh wrote: : > > I'd like to create a script that runs in /etc/security that will : > > produce output like the following: : > > : > > YOUR SYSTEM HAS THE FOLLOWING PORTS THAT HAVE KNOWN SECURITY ISSUES IN : > > THE VERSION YOU ARE RUNNING: : > > woofootd (have 2.1 need 2.2) : > > qpooper (have 2.98 need 3.11) : > > etc : : Cool idea! : : > Nice. One thing I'd suggest is that the script gets updated as a part : > of the Ports Collection, rather than as one of the source collections. : > I'm presuming that many users will cvsup their Ports Collection tree : > far more frequently than they'd do a make world. : : I second this. You wouldn't have to CVSUP anything. there's be a database maintained by the security officer that would contain known bad version ranges. The script would contact a central database server, or one of the mirrors, grab the whole database (since it will be relatively small), verify that the key that signed the database is good and then check to see if the versions that are bad are on the system and whine if they are. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007151007.EAA46560>