[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
What's our current policy on ports FORBIDDEN knob?
- Subject: What's our current policy on ports FORBIDDEN knob?
- From: delphij at frontfree.net (Xin LI)
- Date: Sun May 2 10:29:30 2004
I'm a little curious about the way FORBIDDEN knob is used in ports system.
Traditionally, we use it to mark a port which have known security issue,
with the new vuxml mechanism, are we still doing the same thing when
necessary? Or, only the "critical" ones, for example, remote exploitable
buffer overruns, etc?
If the second assumption (only critical ones are marked FORBIDDEN)
is true, then what's our criteria of what should be marked FORBIDDEN
or not? Say, how serious a bug should be before a port is marked
Someone who knows about these things please clarify this. Thanks in advance!
Xin LI <delphij frontfree net> http://www.delphij.net/
See complete headers for GPG key and other information.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040503/7fab79bc/attachment.bin
Visit your host, monkey.org