From owner-freebsd-security  Fri Dec 15 17:57:46 2000
From owner-freebsd-security@FreeBSD.ORG  Fri Dec 15 17:57:45 2000
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from hellfire.hexdump.org (h006097e24f05.ne.mediaone.net [24.128.117.73])
	by hub.freebsd.org (Postfix) with ESMTP id 8337D37B400
	for <security@FreeBSD.ORG>; Fri, 15 Dec 2000 17:57:44 -0800 (PST)
Received: from localhost (freebsd@localhost)
	by hellfire.hexdump.org (8.11.1/8.11.1) with ESMTP id eBG1xhl12127;
	Fri, 15 Dec 2000 20:59:44 -0500 (EST)
	(envelope-from freebsd@hexdump.org)
Date: Fri, 15 Dec 2000 20:59:43 -0500 (EST)
From: Jeff Gentry <freebsd@hexdump.org>
To: Mikhail Kruk <meshko@cs.brandeis.edu>
Cc: Anil Jangity <aj@entic.net>, jrz <jrz@cnmnetwork.com>,
	security@FreeBSD.ORG
Subject: Re: Security Update Tool..
In-Reply-To: <Pine.LNX.4.30.0012151959380.1733-100000@daedalus.cs.brandeis.edu>
Message-ID: <Pine.BSF.4.21.0012152058170.12122-100000@hellfire.hexdump.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 15 Dec 2000, Mikhail Kruk wrote:
> I'm not sure that many people would like that kind of automation, but what
> is really missing IMHO is ability to mark ports whichs are insecure and
> add some option to pkg_info which will check all installed packages. I
> think OpenBSD has exacty this, no?

I don't think it has to be automated *and* "behind the covers" ...
I think a 2 stage process would be good -> first stage figures out what
(if any) you need, and if possible, explains why.  The 2nd stage would
allow you to apply changes if you wanted to or not.

-- 
    Jeff Gentry  jester@hexdump.org  gentrj@hexdump.org
           SEX           DRUGS           UNIX



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message