tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: audit-packages/download-vulnerability-list integration?

On Mon, Jul 14, 2008 at 02:24:23AM +0200, Hubert Feyrer wrote:
> Looking at -current: Now that audit-packages and 
> download-vulnerability-list are part of the base system, I think it would 
> be nice to offer hooks to run them nightly, e.g. via daily.conf(5) or 
> security.conf(5). I haven't seen any references there, though - can this 
> be added, is it intended that users add manual cronjobs, or what's the 
> idea here?

This seems to be a topic for current-users, since you are talking about
the base system.
IMHO they should not be activated by default, if they will be added.

Packages are optional and so it shouldn't run automatically since it
requires an up to date vulnerability file and doing that is not a good
idea. Think about systems which are not allowed to be modified or
what if every new installation connects to a server for getting it at
the same time. Or what if such systems have no packagea at all installed.


Home | Main Index | Thread Index | Old Index