Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 13 Jan 2008 13:14:07 +0100
From:      "=?ISO-2022-JP?B?GyRCSjhEOxsoQg==?=" <bunchou@googlemail.com>
To:        freebsd-questions@freebsd.org, "Erik Cederstrand" <erik@cederstrand.dk>
Subject:   Re: Secure update of /usr/src
Message-ID:  <cb5b777d0801130414l1f1427cekb49ee29a46140bf7@mail.gmail.com>
In-Reply-To: <4789F7DE.9090905@cederstrand.dk>
References:  <cb5b777d0801130217r6467751ay634d0111617afc05@mail.gmail.com> <4789F7DE.9090905@cederstrand.dk>

next in thread | previous in thread | raw e-mail | index | archive | help
2008/1/13, Erik Cederstrand <erik@cederstrand.dk>:
> 文鳥 wrote:
> > Hello all,
> >
> > is there any way to securely follow the STABLE branch of FreeBSD, e.g.
> > a cryptographically signed distribution method like portsnap? Afaik,
> > the usual update methods (CVSup, etc.) do not include any
> > authentication / integrity checking. Am I missing something here?
>
> freebsd-update(8) is portsnap for the base system. However, you can only
> follow RELEASE branches, not STABLE.
>
> Erik
>
Thanks for the reply. Unfortunately, I need to follow STABLE and (to
be policy-compliant) at the same time make sure that the code has not
been tampered with by, for example, checking the signature. Is there a
way to do this for STABLE?

Best regards



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5b777d0801130414l1f1427cekb49ee29a46140bf7>