From bc7876f394caa864ccc31e647b06f63d4def9736 Mon Sep 17 00:00:00 2001 From: Marc Fonvieille Date: Sat, 3 Apr 2004 17:55:24 +0000 Subject: [PATCH] Document security/portaudit. Submitted by: Xin LI --- .../books/handbook/ports/chapter.sgml | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/en_US.ISO8859-1/books/handbook/ports/chapter.sgml b/en_US.ISO8859-1/books/handbook/ports/chapter.sgml index 6e25ffa7e6..d6072f4a33 100644 --- a/en_US.ISO8859-1/books/handbook/ports/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/ports/chapter.sgml @@ -218,6 +218,14 @@ Before installing any application, you should check for security issues related to your application. + + You can also install security/portaudit which will + automatically check all installed applications for known + vulnerabilities, a check will be also performed before any port + build. Meanwhile, you can use the command portaudit + -F -a after you have installed some + packages. The remainder of this chapter will explain how to use @@ -754,6 +762,18 @@ R-deps: an up-to-date ports collection and you should check for security issues related to your port. + + A security vulnerabilities check can be automatically + done by portaudit before any new + application installation. This tool can be found in the + ports collection (security/portaudit). Consider + running portaudit -F before installing a + new port, to fetch the current vulnerabilities database. A + security audit and an update of the database will be + performed during the daily security system check. For more + informations read the &man.portaudit.1; and &man.periodic.8; + manual pages.