On 2004.10.19 20:32:13 -0400, Dan Langille wrote:
> On Tue, 19 Oct 2004, Jacques A. Vidrine wrote:
>
> > > It would save many admins quite a bit of time.
> >
> > How so? (serious question)
>
> I don't have time just now to answer the other questions but I can answer
> this one.
>
> Portaudit tells me that port xyz is vulnerable. But there there is no
> fix. How do I know when there is a fix? Only by checking FreshPorts, cvs
> logs, the ports tree, trying to install the port, portupgrade, etc. I
> could do this daily for days without a fix.
>
> Instead, if portaudit reported that port xyz is vulernable and that there
> is a fix (if there actually is a fix), then all I need to do is monitor my
> daily security email that automagically includes the output of portaudit.
> I can then instantly know that it's time to run portupgrade on port xyz.
Since I really didn't think this should be that hard to do I made
simple proof-of-concept patch to implement this. It is currently an
ugly hack, but it works (well, in most cases it should anyway). It
requires an updated INDEX-5 to be on the system.
I don't have the time to make a proper patch at the moment, but I will
perhaps next week... I mainly post the current patch here for
inspiration if somebody else would like to play with this further.
--
Simon L. Nielsen
FreeBSD Documentation Team
portaudit-HACK-fix-avail.patch
Description: Text document
pgp1FpInxVx6k.pgp
Description: PGP signature
|
