1 |
On Wed, Sep 04, 2002 at 11:05:40PM +0300, Moilanen Mikko Antero wrote: |
2 |
> Hi |
3 |
> |
4 |
> Would it be good idea to make additional cammand "emerge security" to check and upgrade any security things like now "emerge system" upgrades some standard system things? |
5 |
> |
6 |
> This would definetly be good for people who maintain servers or for people who maintain workstations or this would just be *good* for people. |
7 |
> |
8 |
|
9 |
I agree that this would be useful functionality. I think that the best way to |
10 |
implement something like this is _not_ to label security fix ebuilds as such, |
11 |
but to flag the ebuilds that are vunerable. |
12 |
|
13 |
e.g. (off the top of my head) |
14 |
|
15 |
For each package create a file that lists the ebuild versions that were found |
16 |
to have security issues e.g. |
17 |
/usr/portage/catagory/package/security |
18 |
|
19 |
Using a method like this an 'emerge security' could check all installed |
20 |
packages against the versions in the security files and update them if needed. |
21 |
|
22 |
All this would mean more work for the poor souls maintaining the portage tree |
23 |
though. |
24 |
|
25 |
-- |
26 |
Chris Sykes |