Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/share/man/man7 Note the 'fetch_pkg_vulnerabilities=YES' also...
details: https://anonhg.NetBSD.org/src/rev/221936ef521a
branches: trunk
changeset: 763390:221936ef521a
user: jruoho <jruoho%NetBSD.org@localhost>
date: Fri Mar 18 16:11:13 2011 +0000
description:
Note the 'fetch_pkg_vulnerabilities=YES' also here. In lack of a proper
name, put this under "administrative security".
diffstat:
share/man/man7/security.7 | 17 ++++++++++++++++-
1 files changed, 16 insertions(+), 1 deletions(-)
diffs (31 lines):
diff -r 5d6f90b7f82a -r 221936ef521a share/man/man7/security.7
--- a/share/man/man7/security.7 Fri Mar 18 15:32:26 2011 +0000
+++ b/share/man/man7/security.7 Fri Mar 18 16:11:13 2011 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: security.7,v 1.2 2011/03/18 15:32:26 jruoho Exp $
+.\" $NetBSD: security.7,v 1.3 2011/03/18 16:11:13 jruoho Exp $
.\"
.\" Copyright (c) 2006, 2011 Elad Efrat <elad%NetBSD.org@localhost>
.\" All rights reserved.
@@ -418,6 +418,21 @@
.Bd -literal -offset indent
# sysctl -w security.curtain=1
.Ed
+.Ss Administrative security
+Also certain administrative tasks are related to security.
+For instance, the the daily maintenance script includes some basic
+consistency checks; see
+.Xr security.conf 5
+for more details.
+In particular, it is possible to configure
+.Nx
+to automatically audit all third-party packages installed via
+.Xr pkgsrc 7 .
+To audit for any known vulnerabilities on daily basis, set the following in
+.Fa /etc/daily.conf :
+.Bd -literal -offset indent
+fetch_pkg_vulnerabilities=YES
+.Ed
.Sh SEE ALSO
.Xr ssp 3 ,
.Xr options 4 ,
Home |
Main Index |
Thread Index |
Old Index