What's our current policy on ports FORBIDDEN knob?
Jacques A. Vidrine
nectar at FreeBSD.org
Sun May 2 12:36:09 PDT 2004
On Mon, May 03, 2004 at 01:29:10AM +0800, Xin LI wrote:
> Greetings,
>
> I'm a little curious about the way FORBIDDEN knob is used in ports system.
> Traditionally, we use it to mark a port which have known security issue,
> with the new vuxml mechanism, are we still doing the same thing when
> necessary? Or, only the "critical" ones, for example, remote exploitable
> buffer overruns, etc?
>
> If the second assumption (only critical ones are marked FORBIDDEN)
> is true, then what's our criteria of what should be marked FORBIDDEN
> or not? Say, how serious a bug should be before a port is marked
> FORBIDDEN?
>
> Someone who knows about these things please clarify this. Thanks in advance!
The VuXML document is used to record practically all security issues,
large or small.
FORBIDDEN is more subjective. Personally, I mark a port FORBIDDEN if
I believe it presents immediate danger to users.
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the freebsd-security
mailing list