secure /usr/src update

Sun Aug 26 01:22:21 PDT 2007

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Martin Laabs wrote:

> as far as I know neither CVSup, CTM nor (anonymous) CVS support any
> kind of (cryptographic) signing or encryption.
> Now I'd like to know if it is possible to obtain or update the base system
> in a secure and reliable way at all. For the ports collection there is
> portsnap which seems for me - in respect to the security issue - well
> concepted.

http://www.daemonology.net/freebsd-update/

although that page is now legacy, as FreeBSD update is a fully
blessed part of the base system in 6.2+

It's from the same person (Colin Percival) who bought us portsnap,
and he just happens to be FreeBSD security office too...

	Cheers,

	Matthew

- --
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG0Tg28Mjk52CukIwRCJb6AKCU8nfoipsiat6GOCEEoO/9W7ntxwCeJWch
m52WDdhBauNUdo26in193yo=
=H16f
-----END PGP SIGNATURE-----