Re: portaudit
On Wed, Mar 17, 2004 at 02:00:51AM -0500, Peter C. Lai wrote:
> Any reason why portaudit and its associated infrastructure was not announced to
> this list or security-notifications? I recently discovered it, and discovered
> the feature was added to bsd.port.mk in the beginning of feburary. Seeing as
> the security officer apparently (without announcement) no longer issues
> security notices (SNs) for ports, I am assuming that portaudit has replaced
> SNs entirely, and that we should rely on that for ports operational security?
> I'm not subscribed to -ports, -questions, or -current, which were apparently
> where the portaudit introduction discussions took place.
VuXML is the new mechanism for documenting security issues in ports. It
has not been `announced' because it is still at an experimental stage.
portaudit is one tool that reads the FreeBSD VuXML document, and is well-
suited for automated checking.
Cheers,
--
Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 11 篇):