Date: Sat, 12 Aug 2006 14:48:10 +0300 From: "Adrian Penisoara" <ady@freebsd.ady.ro> To: "Simon L. Nielsen" <simon@freebsd.org> Cc: freebsd-security@freebsd.org, freebsd-doc@freebsd.org Subject: Re: Ports security [was: Ports/source dance] Message-ID: <9e01a0da0608120448t7a82d8b9y8379a194d8d14a52@mail.gmail.com> In-Reply-To: <20060812112024.GA1076@zaphod.nitro.dk> References: <20060810132435.GB2636@rabbit> <44DB9955.10102@FreeBSD.org> <20060810204943.GG2164@rabbit> <9e01a0da0608110010nb48e90fra21f149b836d32fa@mail.gmail.com> <20060812112024.GA1076@zaphod.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On 8/12/06, Simon L. Nielsen <simon@freebsd.org> wrote: > > > > > What would the FreeBSD security officer say about this ? > > I was not on freebsd-isp, so I hadn't seen the start of this thread. > > Ports security issues should go to either freebsd-ports@, > freebsd-security@, or directly to the FreeBSD Security Team at > secteam@FreeBSD.org, if you want to catch the attention of the > Security Team. > > I don't currently see enough volume with regards to ports security > issues to warrant a separate mailing list. I think using > freebsd-security@ should be fine, and we can always create a new list > if needed. > > With regards to a separate security team for ports, it has been > discussed in the past, but so far hasn't been created mainly since it > haven't been a problem for secteam members working on ports just being > part of the "normal" secteam, while only/mostly working on ports > issues. > > It would be very nice if more people helped out with the ports side of > FreeBSD security, but when we had the last call for volunteers among > committers there weren't a lot of people volunteering to help out with > ports as part of the Security Team. > > That said, it's certainly no requirement to be a committer or to be > part of secteam to help out. Just create VuXML entries [1] [2] and > send them to freebsd-vuxml@FreeBSD.org or secteam@FreeBSD.org for > review and commit, or fix issues and send patches as PR's where > secteam is CC'ed. -- > Simon L. Nielsen > FreeBSD Deputy Security Officer > Thanks for the well-written response. I think at least part of it should make it into the FreeBSD Security Information page ( http://www.freebsd.org/security/ ) since currently there is just a simple reference towards VuXML for ports security. My 2cents, Adrian Penisoara Ady (@freebsd.ady.ro, @rofug.ro)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9e01a0da0608120448t7a82d8b9y8379a194d8d14a52>