Vulnerability check disabled
Ion-Mihai Tetcu
itetcu at apropo.ro
Wed Feb 4 11:36:58 PST 2004
On Wed, 4 Feb 2004 21:26:01 +0200
Ion-Mihai Tetcu <itetcu at apropo.ro> wrote:
[..]
> >>> Type: FEATURE
>
> Title: Do not install ports with security vulnerabilities
[..]
> Now, maybe this could be clarified a little bit in CHANGES ?
>
> Like:
> __
>
> For using the new security feature of ports infrastructure, you should:
> cd /usr/ports/security/portaudit; make install
Note that this is a prerelease version, it is mostly usable for
committers that want to contribute to the project, and can currently
not be relied upon as an extensive security auditing tool.
> /usr/local/etc/periodic/daily/330.fetchaudit
> To test:
> cd /usr/ports/security/vulnerability-test-port
> make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
>
> A message like this should appear:
> ===> vulnerability-test-port-2004.01.14 has known vulnerabilities:
> >> Not vulnerable, just a test port (database: 2004-01-28).
> Reference: <http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vulnerability-test-port/>
> >> Please update your ports tree and try again.
> *** Error code 1
>
> If you don't install this port, for the majority of make's targtets you
> will get the following message:
> ===> Vulnerability check disabled
> __
>
>
> IMHO, as this is a log desired feature, a news on annouce@ / security /
> security-notifications could be send.
>
> Now, what is the status of the vulnerabilities database ?
Did I just responded to my question ?
--
IOnut
Unregistered ;) FreeBSD user
More information about the freebsd-questions
mailing list