Date: Mon, 23 Apr 2001 22:27:22 -0700 From: Rich Morin <rdm@cfcl.com> To: freebsd-hackers@FreeBSD.ORG Subject: automated checking of Security Advisories Message-ID: <p0500190bb70abb629b4c@[192.168.168.205]>
next in thread | raw e-mail | index | archive | help
I have a partly-baked idea regarding the security advisories that I see on freebsd-announce. While I applaud the intent of these notices, I wonder if some sort of automation might not make them a bit more useful. Let's say we encoded the advisories in XML and put them up for HTTP access, encoding the version characterization information (e.g., Affects) in some mechanically-usable fashion. Then, a Perl script on the local machine could look up the advisories, run the tests, and report the results, all without compromising the privacy of the local system. I am quite willing to write a first cut at the client code, but I think I need to get some buy-in from the folks who are generating the advisories. Specifically, I need version characterization data in a form which can be reliably used by an automated script. Is this generally a feasible thing to provide? If so, the rest seems pretty simple. I can read the advisories as they come in over email, parse them and munge them into XML (with a bit of hand-work, if need be) and put them up for general access. -r -- http://www.cfcl.com/rdm - home page, resume, etc. http://www.cfcl.com/Meta/md_fb.html - The FreeBSD Browser email: rdm@cfcl.com; phone: +1 650-873-7841 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p0500190bb70abb629b4c>