| 1 |
On Wed, Sep 04, 2002 at 11:05:40PM +0300, Moilanen Mikko Antero wrote: |
| 2 |
> Hi |
| 3 |
> |
| 4 |
> Would it be good idea to make additional cammand "emerge security" to check and upgrade any security things like now "emerge system" upgrades some standard system things? |
| 5 |
> |
| 6 |
> This would definetly be good for people who maintain servers or for people who maintain workstations or this would just be *good* for people. |
| 7 |
> |
| 8 |
|
| 9 |
I agree that this would be useful functionality. I think that the best way to |
| 10 |
implement something like this is _not_ to label security fix ebuilds as such, |
| 11 |
but to flag the ebuilds that are vunerable. |
| 12 |
|
| 13 |
e.g. (off the top of my head) |
| 14 |
|
| 15 |
For each package create a file that lists the ebuild versions that were found |
| 16 |
to have security issues e.g. |
| 17 |
/usr/portage/catagory/package/security |
| 18 |
|
| 19 |
Using a method like this an 'emerge security' could check all installed |
| 20 |
packages against the versions in the security files and update them if needed. |
| 21 |
|
| 22 |
All this would mean more work for the poor souls maintaining the portage tree |
| 23 |
though. |
| 24 |
|
| 25 |
-- |
| 26 |
Chris Sykes |
Archives