Re: Adding packages with security problems - how to know?

To: Tonnerre Lombard <tonnerre%NetBSD.org@localhost>
Subject: Re: Adding packages with security problems - how to know?
From: Aleksey Cheusov <cheusov%tut.by@localhost>
Date: Wed, 17 Sep 2008 22:17:01 +0300

 >> "Should we try to monitor package additions as well,
 >> looking for potentially hazardous packages and re-opening old tickets
 >> in question?"

> Thing is, this puts an additional burden on us. For every package added
> to pkgsrc, we have to search our database for entries matching the
> package name, and if there's a match, test if it still applies, and if
> so, we go to the normal procedure.
If I understand the problem correctly you can easily do 
this even in shell. See wip/awk-pkgsrc-dewey.
...provided that your security database is text file :-)

-- 
Best regards, Aleksey Cheusov.

Follow-Ups:
- Re: Adding packages with security problems - how to know?
  - From: Tonnerre Lombard

References:
- Adding packages with security problems - how to know?
  - From: Tonnerre Lombard
- Re: Adding packages with security problems - how to know?
  - From: Adam Hoka
- Re: Adding packages with security problems - how to know?
  - From: Tonnerre Lombard
- Re: Adding packages with security problems - how to know?
  - From: Adam Hoka
- Re: Adding packages with security problems - how to know?
  - From: Tonnerre Lombard

Prev by Date: Problems with pkgsrc aspell (0.60.6)
Next by Date: Re: Adding packages with security problems - how to know?
Previous by Thread: Re: Adding packages with security problems - how to know?
Next by Thread: Re: Adding packages with security problems - how to know?
Indexes:

Home | Main Index | Thread Index | Old Index