ports vulnerabilities

Dan Mahoney, System Admin danm at prime.gushi.org
Wed Nov 17 12:31:16 PST 2004


I had heard a bit about the new "vulnerability check" in FreeBSD's ports. 
I tried reading /usr/ports/updating and saw something like:


  Description: A new vulnerabilities database has been added to the
  ports system in order to keep more accurate, up-to-date, track of
  security vulnerabilities.  The ports system now knows how to query
  that database and dynamically prevents the installation of vulnerable
  ports.

I had to do some more digging around on various googles to find out that 
in order to USE this ability, I had to install the portaudit port.  This 
seems like a useful feature, but I'm curious: Why isn't this in the base 
system?

I tried to install a port which had a conflict (ImageMagick) but I 
didn't feel the vulnerability was significant enough to warrant waiting 
for a new port to be created.  I looked in the ports man page for an 
override environment variable, but "vulnerability check" isn't even 
mentioned there.  Could this please get stuck into the manpages?

-Dan Mahoney

--

<Zaren> Christ almighty...  my EYES!  They're melting!

-Zaren, Efnet #macintosh, in response to:

www.geocities.com/CollegePark/Classroom/1944
The WEBSITE DESIGN class that gave my fiancee a D.

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------



More information about the freebsd-questions mailing list