pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Adding packages with security problems - how to know?

 >> "Should we try to monitor package additions as well,
 >> looking for potentially hazardous packages and re-opening old tickets
 >> in question?"

> Thing is, this puts an additional burden on us. For every package added
> to pkgsrc, we have to search our database for entries matching the
> package name, and if there's a match, test if it still applies, and if
> so, we go to the normal procedure.
If I understand the problem correctly you can easily do 
this even in shell. See wip/awk-pkgsrc-dewey.
...provided that your security database is text file :-)

Best regards, Aleksey Cheusov.

Home | Main Index | Thread Index | Old Index