1 |
think local/remote would be a minimum classification |
2 |
this could be a make.conf toggle or somthing. |
3 |
|
4 |
really on my webservers i dont give a damn about local exploits so |
5 |
much.. but remote anything is a threat and i want to know/update |
6 |
instantly. |
7 |
|
8 |
really tho just -u security would be more than welcome (anything is |
9 |
better than what we have now). |
10 |
|
11 |
|
12 |
On Mon, 2004-02-09 at 04:34, Matt Steven wrote: |
13 |
> On Monday 09 February 2004 01:11 pm, Calum wrote: |
14 |
> > What I think would be a good idea is the creation and maintenance of say 4 |
15 |
> > new virtual packages: |
16 |
> > remote-root |
17 |
> > remote-shell |
18 |
> > local-root |
19 |
> > remote-dos |
20 |
> |
21 |
> I like the idea of |
22 |
> |
23 |
> emerge -u security |
24 |
> |
25 |
> But specifying what sort of security threat it is seems a waste of time, I |
26 |
> think for most of us a security hole is a security hole, and they should all |
27 |
> be patched asap. |
28 |
> |
29 |
> There is a discussion relating to offering a more stable portage tree going on |
30 |
> in gentoo-server that might be of interest to you. |
31 |
> |
32 |
> See the thread "QA or an unchanging portage tree?" |