Date: Tue, 18 Jun 2002 09:45:52 -0600 From: Brett Glass <brett@lariat.org> To: Eric Anderson <anderson@centtech.com>, Sheldon Hearn <sheldonh@starjuice.net> Cc: kgasso@blort.org, security@freebsd.org Subject: Re: CDs with patched Apache? Message-ID: <4.3.2.7.2.20020618094300.03202e50@localhost> In-Reply-To: <3D0F3010.A9F0995A@centtech.com> References: <7957.1024403108@axl.seasidesoftware.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:05 AM 6/18/2002, Eric Anderson wrote: >Maybe FreeBSD needs an "security update check" tool built into sysinstall, that >will do something like: > >If system is being installed from the net, or installing packages from the net, >automatically grab the update list, and show user possible security risks - >possibly asking the user if they would like to upgrade their package/system >right then. Excellent idea! >I think most commercial admins subscribe to the security lists, and will "do the >right thing", but it's the other half of the FreeBSD users that I would worry >about. And even a professional admin can sometimes miss a notice. They're not superhuman, y'know. >There is a reason that almost all OS's are using this tactic to get updates and >patches installed. If this was a seperate tool, it could be used to easily show >the admin what packages are at risk on the box, without the need to manually >match up pkg's installed versus packages at risk. Not only OSes, but other products such as virus checkers, spyware checkers.... Even tax preparation programs. Nowadays, when one sells ANY product on CD, it's a good bet that it will be stale upon arrival. This includes FreeBSD. The installer should anticipate this, as the installers for commercial products do. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020618094300.03202e50>