[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: audit-packages/download-vulnerability-list integration?
Bernd Ernesti wrote:
On Mon, Jul 14, 2008 at 02:24:23AM +0200, Hubert Feyrer wrote:
Looking at -current: Now that audit-packages and
download-vulnerability-list are part of the base system, I think it would
be nice to offer hooks to run them nightly, e.g. via daily.conf(5) or
security.conf(5). I haven't seen any references there, though - can this
be added, is it intended that users add manual cronjobs, or what's the
This seems to be a topic for current-users, since you are talking about
the base system.
IMHO they should not be activated by default, if they will be added.
Packages are optional and so it shouldn't run automatically since it
requires an up to date vulnerability file and doing that is not a good
idea. Think about systems which are not allowed to be modified or
what if every new installation connects to a server for getting it at
the same time. Or what if such systems have no packagea at all installed.
I agree with Bernd's concerns, but I disagree with his conclusions.
If NetBSD ships with obvious security features that are switched off by default,
people will not be happy when they get hacked in a way that the could have been
prevented. The question shouldn't be be "should we turn these features on?", but
"how do we turn them on without annoying people?".
1) "Packages are optional..." This is a good point. If someone has a barebones
NetBSD computer tucked away somewhere, they shouldn't be pestered by pkgsrc
related emails. Maybe it will be enough to only run download-vulnerability-list
and audit-packages if /usr/pkg exists?
2) "requires an up to date vulnerability.." The download-vulnerability-list
needs to print out a very clear message about how a Unix newbie can switch it
off if it fails to connect to the remote server. That will allow the system
owner to deal with the case where they have packages on systems that are not
connected to the internet. If the system has packages on it, then I think that
by default, the system should make every endeavour to check the security of
3) Someone else mentioned the load on TNF servers. This is a serious issue
since, even now, they don't always seem to be available (although I know my
cable connection is dodgy). Just make the cron job for
download-vulnerability-list sleep for a random number of minutes between 0 and
60. International time zones will take care of spreading the jobs out over the
full 24 hours (with somewhat less randomness though). Either that, or the
installation procedure could set the minute part of the cron spec to a random
Senior Systems Programmer
Ph: +64 4 890 2437
Main Index |
Thread Index |