Re: security scripts diff

看板FB_security作者時間16年前 (2010/02/02 03:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串4/4 (看更多)
On Sun, Jan 31, 2010 at 04:40:03PM -0800, David Wolfskill wrote: > On Mon, Feb 01, 2010 at 03:13:39AM +0300, Dmitry Morozovsky wrote: > > Dear colleagues, > > > > looking at regular security mails I found that foloowing patch would greatly > > desreases amount of false positive reports; it's totally possible I'm missing > > some vital areas, but my current look at security scripts did not reveal any. > > > > What do you think? Thank you in advance. > > ... > > I think maybe -b ("Ignore changes in the amount of white space.") might > be better than -w ("Ignore all white space."), as the presence or > absence of *some* white space can be a signifant difference (e.g., to a > non-FORTRAN IV parser). I've always disliked the feature which lists unchanged files on security emails (100.chksetuid). I've created a patch some time ago. http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/119464 -- "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." -- Douglas Adams 1952 - 2001 _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 ejk. 的文章
文章代碼(AID): #1BPomo1o (FB_security)
更多 ejk. 的文章
文章代碼(AID): #1BPomo1o (FB_security)