Date: Mon, 3 May 2004 01:29:10 +0800 From: Xin LI <delphij@frontfree.net> To: freebsd-security@FreeBSD.org Subject: What's our current policy on ports FORBIDDEN knob? Message-ID: <20040502172910.GA775@frontfree.net>
next in thread | raw e-mail | index | archive | help
--8t9RHnE3ZwKMSgU+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Greetings, I'm a little curious about the way FORBIDDEN knob is used in ports system. Traditionally, we use it to mark a port which have known security issue, with the new vuxml mechanism, are we still doing the same thing when necessary? Or, only the "critical" ones, for example, remote exploitable buffer overruns, etc? If the second assumption (only critical ones are marked FORBIDDEN) is true, then what's our criteria of what should be marked FORBIDDEN or not? Say, how serious a bug should be before a port is marked FORBIDDEN? Someone who knows about these things please clarify this. Thanks in advance! Cheers, --=20 Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. --8t9RHnE3ZwKMSgU+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAlS/mOfuToMruuMARAgvbAJ9JBZ4CNDaAmp8B/0Q5PJy4k9YsqwCfVRtJ YGZ6AVtdjrXyJet5kIvCXik= =g7ca -----END PGP SIGNATURE----- --8t9RHnE3ZwKMSgU+--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040502172910.GA775>