wessoftweyr.com

• Next message: Mike Silbersack: "Re: cvs commit: src/etc inetd.conf"
• Previous message: Paul Richards: "Re: cvs commit: src/usr.bin/finger finger.c"
• Next in thread: Warner Losh: "Re: Security and FreeBSD, my overall perspective"
• Maybe reply: Wes Peters: "Re: Security and FreeBSD, my overall perspective"
• Reply: Warner Losh: "Re: Security and FreeBSD, my overall perspective"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Warner Losh wrote:
>
> : (b) Add a new field to the ports infrastructure which indicates
> : level of "trust" the project/security people have in that
> : port. E.g. instead of having one big knob rather off-puttingly
> : labelled 'FORBIDDEN', have a 'TRUST' or 'SECURITY_LEVEL' variable
> : which goes from 1 to 10. Then the ports infrastructure can, if
> : it wishes to, issue warnings of varying severity based on the
> : trust level.
>
> 1 to 10 is too many levels. But I'm not sure what the right number
> is, so let's assume it is N and move on.

N == 3 { 'green', 'yellow', 'red' }. If you're feeling like a telco, throw
'blue' in there somewhere, though nobody really seems to understand what
'blue' really means.

-- 
            "Where am I, and what am I doing in this handbasket?"
Wes Peters                                                         Softweyr LLC
wessoftweyr.com                                           http://softweyr.com/
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Mike Silbersack: "Re: cvs commit: src/etc inetd.conf"
• Previous message: Paul Richards: "Re: cvs commit: src/usr.bin/finger finger.c"
• Next in thread: Warner Losh: "Re: Security and FreeBSD, my overall perspective"
• Maybe reply: Wes Peters: "Re: Security and FreeBSD, my overall perspective"
• Reply: Warner Losh: "Re: Security and FreeBSD, my overall perspective"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]