Date: Mon, 17 Nov 2003 17:00:16 +0000 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: Carol Overes <caroloveres@yahoo.com>, freebsd-stable@freebsd.org Subject: Re: Secure updating of OS and ports Message-ID: <5.0.2.1.1.20031117165641.03101720@popserver.sfu.ca> In-Reply-To: <20031117140240.41031.qmail@web20710.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:02 17/11/2003 -0800, Carol Overes wrote: >I'm thinking of updating kernel and binaries with >patches form ftp.freebsd.org which are siganed with >the PGP key of the security officers. However, this >has to be hand-made patching. Does anyone know a >secure way via for example cvsup ? CVSup is insecure. FreeBSD Update might do what you want, but you'd have to trust me. :) >Also, I'm looking for a secure way to update ports >applications. How can I check that patches for ports >doesn't contain any trojans for example, or are coming >from the original source. There isn't any way to update the ports tree securely. I'd like to fix this, but at the moment I need to give priority to my DPhil work, so it probably isn't going to happen in the near future. Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.1.20031117165641.03101720>