What's our current policy on ports FORBIDDEN knob?
Xin LI
delphij at frontfree.net
Sun May 2 10:29:17 PDT 2004
Greetings,
I'm a little curious about the way FORBIDDEN knob is used in ports system.
Traditionally, we use it to mark a port which have known security issue,
with the new vuxml mechanism, are we still doing the same thing when
necessary? Or, only the "critical" ones, for example, remote exploitable
buffer overruns, etc?
If the second assumption (only critical ones are marked FORBIDDEN)
is true, then what's our criteria of what should be marked FORBIDDEN
or not? Say, how serious a bug should be before a port is marked
FORBIDDEN?
Someone who knows about these things please clarify this. Thanks in advance!
Cheers,
--
Xin LI <delphij frontfree net> http://www.delphij.net/
See complete headers for GPG key and other information.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040503/7fab79bc/attachment.bin
More information about the freebsd-security
mailing list