Date: Mon, 22 May 2006 09:27:10 +0200 From: "Constant, Benjamin" <bconstant@be.tiauto.com> To: 'Colin Percival' <cperciva@freebsd.org> Cc: freebsd security <freebsd-security@freebsd.org>, FreeBSD Stable <freebsd-stable@freebsd.org> Subject: RE: FreeBSD Security Survey Message-ID: <B6D948D84090A54ABCD88AA391DAAC8C02EB6E7A@tiasbel00ex00.be.eu.tiauto.com>
next in thread | raw e-mail | index | archive | help
Hi, We don't use binary update as we use custom kernels. We're using portaudit for security flaw with the installed ports but I don't think there is any equivalent for the base and kernel? I'm subscribed and I'm monitoring the FreeBSD Security Advisories mailing-list but there is (as far as I know) no easy system like portaudit to compare you installed base and kernel source tree against security advisories. Are there best practices in this area knowing that all my system are not running the same level of patches and non of them are running something else then -STABLE? I'll probably switch from -STABLE to -RELENG in the future (was not possible in the beginning as features we're looking for were only in -STABLE) and apply security fixes but I think it won't change the amount of work to perform compared to a non source based operating system. Regards, Benjamin Constant > -----Original Message----- > From: owner-freebsd-stable@freebsd.org [mailto:owner-freebsd- > stable@freebsd.org] On Behalf Of Colin Percival > Sent: lundi 22 mai 2006 5:55 > To: freebsd security; FreeBSD Stable > Subject: FreeBSD Security Survey > > Dear FreeBSD users and system administrators, > > While the FreeBSD Security Team has traditionally been very good at > investigating and responding to security issues in FreeBSD, this only > solves half of the security problem: Unless users and administrators > of FreeBSD systems apply the security patches provided, the advisories > issued accomplish little beyond alerting potential attackers to the > presence of vulnerabilities. > > The Security Team has been concerned for some time by anecdotal reports > concerning the number of FreeBSD systems which are not being promptly > updated or are running FreeBSD releases which have passed their End of > Life dates and are no longer supported. In order to better understand > which FreeBSD versions are in use, how people are (or aren't) keeping > them updated, and why it seems so many systems are not being updated, I > have put together a short survey of 12 questions. The information gathered > will inform the work done by the Security Team, as well as my own personal > work on FreeBSD this summer. > > If you administrate system(s) running FreeBSD (in the broad sense of "are > responsible for keeping system(s) secure and up to date"), please visit > http://people.freebsd.org/~cperciva/survey.html > and complete the survey below before May 31st, 2006. > > Thanks, > Colin Percival > FreeBSD Security Officer > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" The information contained in this transmission may contain privileged and confidential information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B6D948D84090A54ABCD88AA391DAAC8C02EB6E7A>