Portaudit
From FreeBSDwiki
(Difference between revisions)
Ninereasons (Talk | contribs) (fuller generic portaudit error message) |
Ninereasons (Talk | contribs) m (redudundant) |
||
Line 1: | Line 1: | ||
[[Category:Securing FreeBSD]][[Category:Ports and Packages]] | [[Category:Securing FreeBSD]][[Category:Ports and Packages]] | ||
− | '''portaudit''' is a small FreeBSD [[ports|port]] that automatically maintains a database of known vulnerabilities. Installing this port | + | '''portaudit''' is a small FreeBSD [[ports|port]] that automatically creates and maintains a database of known vulnerabilities. Installing this port enables port security auditing on your system. |
When you run <code>make</code> on a port, or use [[portupgrade]] or [[portmanager]], you may notice the mysterious but harmless warning that appears if you do not have port auditing enabled: | When you run <code>make</code> on a port, or use [[portupgrade]] or [[portmanager]], you may notice the mysterious but harmless warning that appears if you do not have port auditing enabled: |
Revision as of 18:04, 18 May 2006
portaudit is a small FreeBSD port that automatically creates and maintains a database of known vulnerabilities. Installing this port enables port security auditing on your system.
When you run make
on a port, or use portupgrade or portmanager, you may notice the mysterious but harmless warning that appears if you do not have port auditing enabled:
===> Vulnerability check disabled, database not found
portaudit is installed to /usr/local/etc/periodic/security/
by default, so that it will be run automatically, and will be part of the automated security report that is run by the system and mailed (by default) to the root
user.
After port auditing is enabled, you will not be able to install or upgrade the insecure port. Instead, you will receive a message that reads:
===> package-version has known vulnerabilities: => package -- vulnerability summary Reference: &tt;http://www.FreeBSD.org/ports/portaudit/reference.html> => Please update your ports tree and try again. *** Error code 1