cvs commit: doc/en_US.ISO8859-1/books/handbook/ports chapter.sgml

Jacques A. Vidrine nectar at FreeBSD.org
Sat Apr 3 09:06:00 PST 2004


On Sat, Apr 03, 2004 at 06:30:04PM +0200, Simon L. Nielsen wrote:
> On 2004.04.03 08:21:33 -0800, Marc Fonvieille wrote:
> > blackend    2004/04/03 08:21:33 PST
> > 
> >   FreeBSD doc repository
> > 
> >   Modified files:
> >     en_US.ISO8859-1/books/handbook/ports chapter.sgml 
> >   Log:
> >   Add some warnings: people should check http://vuxml.freebsd.org/ before
> >   installing any application.

Thanks, Marc!

> Isn't that a bit overkill?  Ports that have security issues are marked
> FORBIDDEN so users can't install them.  If people want extra securirty
> they can use portaudit which checks the vuxml databases automatically.
> 
> I also think it would be very hard to check vuxml manually in many
> cases, since ports can have a lot of dependencies, which might also
> contain security problems.

I haven't looked at the diff, but, it would probably be good to say more
or less:

  Please check http://vuxml.freebsd.org/ for security issues, or you
  can use portaudit to automate the checking for you.

Cheers,
-- 
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org


More information about the cvs-doc mailing list