From owner-freebsd-vuxml@FreeBSD.ORG Tue Aug 17 18:34:13 2004 Return-Path: Delivered-To: freebsd-vuxml@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B1A1A16A4CE; Tue, 17 Aug 2004 18:34:13 +0000 (GMT) Received: from pittgoth.com (14.zlnp1.xdsl.nauticom.net [209.195.149.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id 347E843D4C; Tue, 17 Aug 2004 18:34:13 +0000 (GMT) (envelope-from trhodes@FreeBSD.org) Received: from localhost (acs-24-154-239-170.zoominternet.net [24.154.239.170]) (authenticated bits=0) by pittgoth.com (8.12.10/8.12.10) with ESMTP id i7HIWk0l076099 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 17 Aug 2004 14:32:47 -0400 (EDT) (envelope-from trhodes@FreeBSD.org) Date: Tue, 17 Aug 2004 14:33:22 -0400 From: Tom Rhodes To: "Jacques A. Vidrine" Message-Id: <20040817143322.56d0b19f@localhost> In-Reply-To: <20040817182719.GB46244@madman.celabo.org> References: <20040817175847.GC43426@madman.celabo.org> <0569BE5A-F07B-11D8-924A-00039312D914@fillmore-labs.com> <20040817182719.GB46244@madman.celabo.org> X-Mailer: Sylpheed-Claws 0.9.12 (GTK+ 1.2.10; i386-portbld-freebsd5.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-vuxml@FreeBSD.org cc: Tom Rhodes Subject: Re: cvs commit: ports/security/portaudit-db/database portaudit.txt portaudit.xlist portaudit.xml X-BeenThere: freebsd-vuxml@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documenting security issues in VuXML List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Aug 2004 18:34:13 -0000 On Tue, 17 Aug 2004 13:27:19 -0500 "Jacques A. Vidrine" wrote: > On Tue, Aug 17, 2004 at 08:26:56PM +0200, Oliver Eikemeier wrote: > > epoch 0? 1970-01-01? Or the date vuxml was announced? This would be > > easier to find than XXX, especially in a rendered version. Or just leave > > the entry empty. > > > > Any constant will do, it could be easily rendered to `unknown'. I find a > > non-constant value (date of entry) a bad choice it is more difficult to > > test against (and could be correct). > > Yes, you are right, we just need a constant string like 'unknown' or > 'unspecified'. > > > >By way of example, I've been using FreeBSD 4.7-RELEASE-p1 == 4.7_1. I'm > > >not entirely satisfied and I am open to suggestions. This part has been > > >ill-specified. :-( > > > > Ehm, __FreeBSD_version? What's bad with that? Documented in the Porters > > Handbook, and to find out. > > __FreeBSD_version is for developers, not users. Users need to see > actual release numbers. > > Cheers, Do we bump __FreeBSD_version for security patches though? This always drove me nuts. As I said, a simple ident(1) and then a quick compare would work. I do something similar in an upgrade script: # Define two functions here: system_mysql and port_mysql and assign # them a task. system_mysql() { system=`ls /var/db/pkg | grep 'mysql-server' | sed 's/mysql-server-//'` } port_mysql() { port=`cat /usr/ports/databases/mysql323-server/Makefile | grep 'PORTVERSION=' |\ sed 's/PORTVERSION=//' | awk '{ print $1 }'` } #if [ "$port" == "$system" ]; #then /usr/bin/printf "MySQL Server is up to date.\n" >> $log; #elif [ "$port" != "$system" ]; #then /usr/bin/mysqldump --opt pittgoth > /root/pittgoth.sql; #if [ $? -eq 0 ] && [ -s /root/pittgoth.sql ]; #then /bin/chmod 777 /var/db/mysql && /bin/rm -rf /var/db/mysql; # else /usr/bin/printf \ # "An error occured while backing up the database.\n" >> $log && #/usr/bin/printf "This command has failed and will exit.\n" \ #>> $log && exit #fi #else /usr/bin/printf "An unknown error occured during the database upgrade.\n" >> \ #$log; #fi Retarded, perhaps, but it can work. :) -- Tom Rhodes