| 1 |
think local/remote would be a minimum classification |
| 2 |
this could be a make.conf toggle or somthing. |
| 3 |
|
| 4 |
really on my webservers i dont give a damn about local exploits so |
| 5 |
much.. but remote anything is a threat and i want to know/update |
| 6 |
instantly. |
| 7 |
|
| 8 |
really tho just -u security would be more than welcome (anything is |
| 9 |
better than what we have now). |
| 10 |
|
| 11 |
|
| 12 |
On Mon, 2004-02-09 at 04:34, Matt Steven wrote: |
| 13 |
> On Monday 09 February 2004 01:11 pm, Calum wrote: |
| 14 |
> > What I think would be a good idea is the creation and maintenance of say 4 |
| 15 |
> > new virtual packages: |
| 16 |
> > remote-root |
| 17 |
> > remote-shell |
| 18 |
> > local-root |
| 19 |
> > remote-dos |
| 20 |
> |
| 21 |
> I like the idea of |
| 22 |
> |
| 23 |
> emerge -u security |
| 24 |
> |
| 25 |
> But specifying what sort of security threat it is seems a waste of time, I |
| 26 |
> think for most of us a security hole is a security hole, and they should all |
| 27 |
> be patched asap. |
| 28 |
> |
| 29 |
> There is a discussion relating to offering a more stable portage tree going on |
| 30 |
> in gentoo-server that might be of interest to you. |
| 31 |
> |
| 32 |
> See the thread "QA or an unchanging portage tree?" |
Archives