Re: security scripts diff
- From: Esa Karkkainen <ejk@xxxxxx>
- Date: Mon, 1 Feb 2010 18:42:26 +0200
On Sun, Jan 31, 2010 at 04:40:03PM -0800, David Wolfskill wrote:
On Mon, Feb 01, 2010 at 03:13:39AM +0300, Dmitry Morozovsky wrote:
Dear colleagues,
looking at regular security mails I found that foloowing patch would greatly
desreases amount of false positive reports; it's totally possible I'm missing
some vital areas, but my current look at security scripts did not reveal any.
What do you think? Thank you in advance.
...
I think maybe -b ("Ignore changes in the amount of white space.") might
be better than -w ("Ignore all white space."), as the presence or
absence of *some* white space can be a signifant difference (e.g., to a
non-FORTRAN IV parser).
I've always disliked the feature which lists unchanged files on security
emails (100.chksetuid). I've created a patch some time ago.
http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/119464
--
"In the beginning the Universe was created. This has made a lot of
people very angry and been widely regarded as a bad move."
-- Douglas Adams 1952 - 2001
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- security scripts diff
- From: Dmitry Morozovsky
- Re: security scripts diff
- From: David Wolfskill
- security scripts diff
- Prev by Date: Re: PHK's MD5 might not be slow enough anymore
- Next by Date: Re: PHK's MD5 might not be slow enough anymore
- Previous by thread: Re: security scripts diff
- Next by thread: Re: PHK's MD5 might not be slow enough anymore
- Index(es):
