ports vulnerabilities
Dan Mahoney, System Admin
danm at prime.gushi.org
Wed Nov 17 12:31:16 PST 2004
I had heard a bit about the new "vulnerability check" in FreeBSD's ports.
I tried reading /usr/ports/updating and saw something like:
Description: A new vulnerabilities database has been added to the
ports system in order to keep more accurate, up-to-date, track of
security vulnerabilities. The ports system now knows how to query
that database and dynamically prevents the installation of vulnerable
ports.
I had to do some more digging around on various googles to find out that
in order to USE this ability, I had to install the portaudit port. This
seems like a useful feature, but I'm curious: Why isn't this in the base
system?
I tried to install a port which had a conflict (ImageMagick) but I
didn't feel the vulnerability was significant enough to warrant waiting
for a new port to be created. I looked in the ports man page for an
override environment variable, but "vulnerability check" isn't even
mentioned there. Could this please get stuck into the manpages?
-Dan Mahoney
--
<Zaren> Christ almighty... my EYES! They're melting!
-Zaren, Efnet #macintosh, in response to:
www.geocities.com/CollegePark/Classroom/1944
The WEBSITE DESIGN class that gave my fiancee a D.
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
More information about the freebsd-questions
mailing list