portsnap, only for ports?
Kris Kennaway
kris at obsecurity.org
Fri Aug 19 13:53:38 GMT 2005
On Fri, Aug 19, 2005 at 12:46:37PM +0200, O. Hartmann wrote:
> Hello.
> I have some questions about portsnap. The intention of portsnap seems to
> be reasonable. But I miss a similar facility updating the operating
> system! One of the major arguments using portsnap is to avoid the
> intrusion of malicous code, injected via a 'man in the middle'. Thinking
> of so called root-kits it makes more sense to me securing the updates of
> source code of the operating system also or at first place. Are there
> any plans doing so? Or alternatives? I still use CVS updating the source
> code.
Stick to releases, which have signed MD5 checksums that you can verify
prior to installing.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050819/0bf8981f/attachment.bin
More information about the freebsd-questions
mailing list