21 lines
990 B
Text
21 lines
990 B
Text
|
This is a package to test FreeBSD port auditing systems, e.g. portaudit
|
||
|
|
and the upcoming VuXML based system. Even though it installs no files,
|
||
|
|
it is registered in the local package database.
|
||
|
|
|
||
|
|
Its version number is automagically the installation date, so that you
|
||
|
|
can update it every day ;-) If the date is off by one day keep in mind
|
||
|
|
that the date is in UTC which may differ from your local time up to
|
||
|
|
twelve hours, depending on the time zone you live in.
|
||
|
|
|
||
|
|
The portaudit database lists yesterday's vulnerability test port as
|
||
|
|
vulnerable so that it should appear in your security report approximately
|
||
|
|
after a week, depending on the synchronization schedule of your database.
|
||
|
|
|
||
|
|
If you try install the port with
|
||
|
|
make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
|
||
|
|
the port is instantly flagged as vulnerable and the ports system should
|
||
|
|
hinder you installing it (currently not implemented), otherwise your
|
||
|
|
vulnerability database is too old.
|
||
|
|
|
||
|
|
Oliver Eikemeier <eik@FreeBSD.org>
|