svn commit: r50902 - head/ja_JP.eucJP/books/handbook/security
Ryusuke SUZUKI
ryusuke at FreeBSD.org
Fri Sep 22 12:46:45 UTC 2017
Author: ryusuke
Date: Fri Sep 22 12:46:44 2017
New Revision: 50902
URL: https://svnweb.freebsd.org/changeset/doc/50902
Log:
- Merge the following from the English version:
r23830 -> r24005 head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified:
head/ja_JP.eucJP/books/handbook/security/chapter.xml
Modified: head/ja_JP.eucJP/books/handbook/security/chapter.xml
==============================================================================
--- head/ja_JP.eucJP/books/handbook/security/chapter.xml Fri Sep 22 11:12:38 2017 (r50901)
+++ head/ja_JP.eucJP/books/handbook/security/chapter.xml Fri Sep 22 12:46:44 2017 (r50902)
@@ -3,7 +3,7 @@
The FreeBSD Documentation Project
The FreeBSD Japanese Documentation Project
- Original revision: r23830
+ Original revision: r24005
$FreeBSD$
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="security">
@@ -84,9 +84,20 @@
</listitem>
<listitem>
+ <para><application>Portaudit</application>
+ ¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò»È¤Ã¤Æ¡¢Ports Collection
+ ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥½¥Õ¥È¥¦¥§¥¢ packages
+ ¤ò´Æºº¤¹¤ëÊýË¡</para>
+ </listitem>
+
+ <listitem>
<para>¸ø³«¤µ¤ì¤ë &os; ¥»¥¥å¥ê¥Æ¥£´«¹ð¤ÎÍøÍÑÊýË¡</para>
</listitem>
+ <listitem>
+ <para>¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤¬¤É¤Î¤è¤¦¤Ê¤â¤Î¤«¡¢
+ &os; ¾å¤Ç͸ú¤Ë¤¹¤ëÊýË¡¤Ë¤Ä¤¤¤Æ</para>
+ </listitem>
</itemizedlist>
<para>¤³¤Î¾Ï¤òÆɤàÁ°¤Ë¡¢¼¡¤Î¤³¤È¤¬É¬Íפˤʤê¤Þ¤¹¡£</para>
@@ -5083,6 +5094,98 @@ drwxr-xr-x 2 robert robert 512 Nov 10 11:54 public_
</sect2>
</sect1>
+ <sect1 xml:id="security-portaudit">
+ <info><title>¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥½¥Õ¥È¥¦¥§¥¢¤Î¥»¥¥å¥ê¥Æ¥£ÌäÂê¤ò´Æ»ë¤¹¤ë</title>
+ <authorgroup>
+ <author>
+ <personname>
+ <firstname>Tom</firstname>
+ <surname>Rhodes</surname>
+ </personname>
+ <contrib>´ó¹Æ: </contrib>
+ </author>
+ </authorgroup>
+ </info>
+
+ <indexterm>
+ <primary>Portaudit</primary>
+ </indexterm>
+
+ <para>¶áǯ¡¢¥»¥¥å¥ê¥Æ¥£¤ÎʬÌî¤Ç¤Ï¡¢
+ ÀȼåÀ¤Îɾ²ÁÊýË¡¤Ë´Ø¤·¤Æ¿¤¯¤Î²þÁ±¤¬¹Ô¤ï¤Æ¤¤¤Þ¤¹¡£
+ º£Æü¤Ç¤Ï¤É¤Î¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤Ë¤ª¤¤¤Æ¤â¡¢
+ ¥·¥¹¥Æ¥à¤Ø¤Î¿¯Æþ¤Î¶¼°Ò¤Ï¡¢
+ ¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¡¢
+ ÀßÄꤹ¤ë¤Û¤É¤ËÁý²Ã¤·¤Æ¤¤¤¤Þ¤¹¡£</para>
+
+ <para>ÀȼåÀ¤òɾ²Á¤¹¤ë¤³¤È¤Ï¡¢¥»¥¥å¥ê¥Æ¥£¤Ë¤ª¤¤¤Æ¼çÍפÊÍ×ÁǤǤ¹¡£
+ &os; ¤Ï¡¢¥Ù¡¼¥¹¥·¥¹¥Æ¥à¤ËÂФ·¤Æ´«¹ð¤òȯ¹Ô¤·¤Æ¤¤¤Þ¤¹¤¬¡¢
+ ¤¹¤Ù¤Æ¤Î¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ËÂФ·¤Æ´«¹ð¤òȯ¹Ô¤¹¤ë¤³¤È¤Ï¡¢
+ &os; ¥×¥í¥¸¥§¥¯¥È¤ÎǽÎϤòĶ¤¨¤Æ¤¤¤Þ¤¹¡£
+ ¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤Ë´Ø¤ï¤ëÀȼåÀ¤ò·Ú¸º¤·¡¢
+ ´ÉÍý¼Ô¤ËÂФ·¡¢´ûÃΤΥ»¥¥å¥ê¥Æ¥£ÌäÂê¤Ë¤Ä¤¤¤Æ·Ù¹ð¤¹¤ëÊýË¡¤¬Â¸ºß¤·¤Þ¤¹¡£
+ &os; ¤Ë¤Ï¡¢<application>Portaudit</application>
+ ¤È¸Æ¤Ð¤ì¤ëÄɲäΥ桼¥Æ¥£¥ê¥Æ¥£¤¬¡¢
+ ¤³¤ÎÌÜŪ¤Î¤¿¤á¤ËÍÑ°Õ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+
+ <para><filename role="package">security/portaudit</filename> port ¤Ï¡¢
+ &os; ¥»¥¥å¥ê¥Æ¥£¥Á¡¼¥à¤ª¤è¤Ó ports
+ ³«È¯¼Ô¤¬¥¢¥Ã¥×¥Ç¡¼¥È¤·¡¢´ÉÍý¤·¤Æ¤¤¤ë¡¢
+ ´ûÃΤΥ»¥¥å¥ê¥Æ¥£ÌäÂê¤ËÂФ¹¤ë¥Ç¡¼¥¿¥Ù¡¼¥¹¤òÆþ¼ê¤·¤Þ¤¹¡£</para>
+
+ <para><application>Portaudit</application> ¤ò»È¤¦¤Ë¤Ï¡¢
+ Ports Collection ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <screen>&prompt.root; <userinput>cd /usr/ports/security/portaudit && make install clean</userinput></screen>
+
+ <para>¥¤¥ó¥¹¥È¡¼¥ë¤Î²áÄø¤Ç¡¢
+ &man.periodic.8; ¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ï¥¢¥Ã¥×¥Ç¡¼¥È¤µ¤ì¡¢
+ ËèÆü¤Î¥»¥¥å¥ê¥Æ¥£¤Ë´Ø¤¹¤ë¥¹¥¯¥ê¥×¥È¤Î¼Â¹ÔÃæ¤Ë¤ª¤¤¤Æ
+ <application>Portaudit</application>
+ ¤Ë¤è¤ë½ÐÎϤ¬¹Ô¤ï¤ì¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£
+ ¤³¤Î»þÅÀ¤Ç¤Ï¡¢ÀßÄê¤ÏɬÍפ¢¤ê¤Þ¤»¤ó¡£</para>
+
+ <para>¥¤¥ó¥¹¥È¡¼¥ë¤¬½ª¤ï¤Ã¤¿¤é¡¢´ÉÍý¼Ô¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¡¢
+ <filename class="directory">/var/db/portaudit</filename>
+ ¤Ë¥í¡¼¥«¥ë¤ÇÊݸ¤µ¤ì¤Æ¤¤¤ë¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+
+ <screen>&prompt.root; <userinput>portaudit -F</userinput></screen>
+
+ <note>
+ <para>¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ï¡¢
+ &man.periodic.8; ¤Î¼Â¹ÔÃæ¤Ë¼«Æ°Åª¤Ë¥¢¥Ã¥×¥Ç¡¼¥È¤µ¤ì¤ë¤Î¤Ç¡¢
+ Àè¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤¹¤ë¤³¤È¤Ï´°Á´¤ËǤ°Õ¤Ç¤¹¡£
+ °Ê²¼¤ÎÀâÌÀ¤Î¤¿¤á¤À¤±¤ËɬÍפǤ¹¡£</para>
+ </note>
+
+ <para>Ports Collection
+ ¤«¤é¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥µ¡¼¥É¥Ñ¡¼¥Æ¥£À½¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò´Æºº¤¹¤ë¤¿¤á¤Ë¤Ï¡¢
+ ´ÉÍý¼Ô¤Ï°Ê²¼¤Î¥³¥Þ¥ó¥É¤À¤±¤ò¼Â¹Ô¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£</para>
+
+ <screen>&prompt.root; <userinput>portaudit -a</userinput></screen>
+
+ <para>°Ê²¼¤Ï½ÐÎϤÎÎã¤Ç¤¹¡£</para>
+
+ <programlisting>Affected package: cups-base-1.1.22.0_1
+Type of problem: cups-base -- HPGL buffer overflow vulnerability.
+Reference: <http://www.FreeBSD.org/ports/portaudit/40a3bca2-6809-11d9-a9e7-0001020eed82.html>
+
+1 problem(s) in your installed packages found.
+
+You are advised to update or deinstall the affected package(s) immediately.</programlisting>
+
+ <para>ɽ¼¨¤µ¤ì¤Æ¤¤¤ë <acronym>URL</acronym>
+ ¤ò¥¦¥§¥Ö¥Ö¥é¥¦¥¶¤Ç³«¤¯¤È¡¢´ÉÍý¼Ô¤Ï¡¢
+ ÌäÂê¤È¤Ê¤Ã¤Æ¤¤¤ëÀȼåÀ¤Ë¤Ä¤¤¤Æ¤è¤ê¿¤¯¤Î¾ðÊó¤òÆÀ¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
+ ¤³¤³¤Ç¤Î½ÐÎϤǤϡ¢±Æ¶Á¤¹¤ë¥Ð¡¼¥¸¥ç¥ó¤¬
+ &os; Port ¥Ð¡¼¥¸¥ç¥ó¤Ë¤è¤ê¼¨¤µ¤ì¡¢
+ ¥»¥¥å¥ê¥Æ¥£´«¹ð¤ò´Þ¤à¾¤Î¥¦¥§¥Ö¥µ¥¤¥È¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+
+ <para>°ì¸ý¤Ë¤¤¤¦¤È¡¢<application>Portaudit</application> ¤Ï¶¯ÎϤǡ¢
+ <application>Portupgrade</application> port
+ ¤È¶¦¤Ë»È¤¦¤È¤¤ï¤á¤ÆÍÍѤʥ桼¥Æ¥£¥ê¥Æ¥£¤Ç¤¹¡£</para>
+ </sect1>
+
<sect1 xml:id="security-advisories">
<info><title>&os; ¥»¥¥å¥ê¥Æ¥£´«¹ð</title>
<authorgroup>
@@ -5300,4 +5403,75 @@ VII. References<co xml:id="co-ref"/></programlisting>
</calloutlist>
</sect2>
</sect1>
+
+ <sect1 xml:id="security-accounting">
+ <info><title>¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°</title>
+ <authorgroup>
+ <author>
+ <personname>
+ <firstname>Tom</firstname>
+ <surname>Rhodes</surname>
+ </personname>
+ <contrib>´ó¹Æ: </contrib>
+ </author>
+ </authorgroup>
+ </info>
+
+ <indexterm>
+ <primary>¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°</primary>
+ </indexterm>
+
+ <para>¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤Ï¡¢
+ ´ÉÍý¼Ô¤¬»ÈÍѤµ¤ì¤Æ¤¤¤ë¥·¥¹¥Æ¥à¤Î¥ê¥½¡¼¥¹¤òµÏ¿¤·¤¿¤ê¡¢
+ ¥ê¥½¡¼¥¹¤Î¥æ¡¼¥¶¤Ø¤Î³ä¤êÅö¤Æ¡¢
+ ¥·¥¹¥Æ¥à¤Î¥â¥Ë¥¿¥ê¥ó¥°¤ª¤è¤Ó¥æ¡¼¥¶¤Î¥³¥Þ¥ó¥É¤ÎºÇÄã¸Â¤ÎµÏ¿¤òÄ󶡤·¤Þ¤¹¡£</para>
+
+ <para>¤³¤ì¤Ï¼ÂºÝ¤Ë¤Ï¡¢Ä¹½ê¤Èû½ê¤¬¤¢¤ê¤Þ¤¹¡£
+ Ĺ½ê¤Î°ì¤Ä¤Ï¡¢¿¯Æþ¤òÆþ¤ê¸ý¤Î»þÅÀ¤Ç¹Ê¤ë¤³¤È¤¬¤Ç¤¤Þ¤¹¡£
+ û½ê¤Ï¡¢¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤Ë¤è¤êÀ¸À®¤µ¤ì¤ë¥í¥°¤ÎÎ̤ǡ¢
+ ¿¤¯¤Î¥Ç¥£¥¹¥¯ÍÆÎ̤òɬÍפȤ·¤Þ¤¹¡£¤³¤ÎÀá¤Ç¤Ï¡¢
+ ´ÉÍý¼Ô¤òÂÐ¾Ý¤Ë¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤Î´ðÁäòÀâÌÀ¤·¤Þ¤¹¡£</para>
+
+ <sect2>
+ <title>¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤ò͸ú¤Ë¤¹¤ë</title>
+
+ <para>¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤ò»ÈÍѤ¹¤ëÁ°¤Ë¡¢
+ ´ÉÍý¼Ô¤Ï¡¢¥×¥í¥»¥¹¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤ò͸ú¤Ë¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£
+ ͸ú¤Ë¤¹¤ë¤Ë¤Ï¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤·¤Æ¤¯¤À¤µ¤¤¡£</para>
+
+ <screen>&prompt.root; <userinput>touch <filename>/var/account/acct</filename></userinput>
+
+&prompt.root; <userinput>accton <filename>/var/account/acct</filename></userinput>
+
+&prompt.root; <userinput>echo 'accounting_enable="YES"' >> <filename>/etc/rc.conf</filename></userinput></screen>
+
+ <para>͸ú¤ËÀßÄꤹ¤ë¤È¡¢¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¤Ï¡¢
+ <acronym>CPU</acronym> ¤ÎÅý·×¡¢¥³¥Þ¥ó¥É¤Ê¤É¤ÎÄÉÀפò³«»Ï¤·¤Þ¤¹¡£
+ ¤¹¤Ù¤Æ¤Î¥¢¥«¥¦¥ó¥Æ¥£¥ó¥°¥í¥°¤Ï¡¢
+ ¿Í¤¬Æɤá¤ë¤è¤¦¤Ê·Á¼°¤Ç¤Ï¤Ê¤¤¤Î¤Ç¡¢
+ &man.sa.8; ¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò»È¤Ã¤Æ¸«¤ë¤³¤È¤Ë¤Ê¤ê¤Þ¤¹¡£
+ ¥ª¥×¥·¥ç¥ó¤òÀßÄꤻ¤º¤Ë¼Â¹Ô¤¹¤ë¤È¡¢
+ <command>sa</command> ¤Ï¥æ¡¼¥¶¥³¡¼¥ë¤Î¿ô¡¢Á´·Ð²á»þ´Ö (ʬ)¡¢
+ Á´ <acronym>CPU</acronym> ¤ª¤è¤Ó¥æ¡¼¥¶¤Î»þ´Ö (ʬ)¡¢
+ I/O Áàºî¤ÎÊ¿¶Ñ¿ô¤Ê¤É¤ò½ÐÎϤ·¤Þ¤¹¡£</para>
+
+ <para>¼Â¹Ô¤µ¤ì¤¿¥³¥Þ¥ó¥É¤Ë´Ø¤¹¤ë¾ðÊó¤ò¸«¤ë¤Ë¤Ï¡¢
+ &man.lastcomm.1; ¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò»È¤Ã¤Æ¤¯¤À¤µ¤¤¡£
+ <command>lastcomm</command> ¤ò»È¤¦¤È¡¢
+ ¥æ¡¼¥¶¤¬ÆÃÄê¤Î &man.ttys.5; ¤Ç¼Â¹Ô¤·¤¿¥³¥Þ¥ó¥É¤ò½ÐÎϤǤ¤Þ¤¹¡£
+ °Ê²¼¤Ï¤½¤ÎÎã¤Ç¤¹¡£</para>
+
+ <screen>&prompt.root; <userinput>lastcomm ls
+ <systemitem class="username">trhodes</systemitem> ttyp1</userinput></screen>
+
+ <para>¤³¤Î¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤¹¤ë¤È¡¢ttyp1
+ ¥¿¡¼¥ß¥Ê¥ë¾å¤Ç <systemitem class="username">trhodes</systemitem>
+ ¤¬¼Â¹Ô¤·¤¿ <command>ls</command>
+ ¤Î»ÈÍѤˤĤ¤¤Æ¡¢µÏ¿¤µ¤ì¤Æ¤¤¤ë¤¹¤Ù¤Æ¼¨¤·¤Þ¤¹¡£</para>
+
+ <para>¾¤Ë¤âÍÍѤʥª¥×¥·¥ç¥ó¤¬Â¿¤¯¤¢¤ê¡¢
+ &man.lastcomm.1;, &man.acct.5; ¤ª¤è¤Ó &man.sa.8; ¥Þ¥Ë¥å¥¢¥ë¥Ú¡¼¥¸¤Ç
+ ÀâÌÀ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£</para>
+ </sect2>
+ </sect1>
</chapter>
More information about the svn-doc-head
mailing list