Even the most secure operating system has a crack in its armor: third-party applications. The number of applications running on a system can vary from a few to several hundred.

Every application has a different development team, and responsiveness to security events in the form of patches and advisories can vary widely. How can an administrator remain aware of possible security incidents without having to subscribe to dozens of security mailing lists?

The FreeBSD project created the Vulnerability and eXposure Markup Language (VuXML) for documenting security issues for the FreeBSD ports collection—this collection contains nearly 16,000 third-party applications.

As seen in Figure C-3, known existing vulnerabilities are marked up and are available online at OpenBSD also uses VuXML for their ports collection and their advisories are available at

Once an application has a known outstanding security vulnerability, its package is removed from the FreeBSD FTP mirrors, and the Makefile for the port is marked as FORBIDDEN. If you try to build this port, you'll receive an error that includes a link to the security advisory. The only way to override this error and force a build of the port is to manually remove the FORBIDDEN line.
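To show how an administrator can use VuXML entries like those described above, the following added example (not code from the FreeBSD project or from this book) parses a VuXML document and reports installed packages that fall inside an affected version range. The sample entry, the package name `exampled`, the all-zero `vid` and the simplified dotted-number version comparison are assumptions made for illustration.

```python
import operator
import re
import xml.etree.ElementTree as ET

NS = {"v": "http://www.vuxml.org/apps/vuxml-1"}
# VuXML range bounds: <lt>, <le>, <eq>, <ge>, <gt>
OPS = {"lt": operator.lt, "le": operator.le, "eq": operator.eq,
       "ge": operator.ge, "gt": operator.gt}

# Constructed sample entry, not a real advisory; vid, name and versions are placeholders.
SAMPLE_VUXML = """<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="00000000-0000-0000-0000-000000000000">
    <topic>exampled -- constructed remote overflow</topic>
    <affects>
      <package>
        <name>exampled</name>
        <range><ge>2.0</ge><lt>2.4.1</lt></range>
      </package>
    </affects>
  </vuln>
</vuxml>"""

def version_key(version):
    # Assumption: plain dotted numeric versions. Real port versions can also
    # carry revision and epoch suffixes, which this simplified key ignores.
    return tuple(int(part) for part in re.findall(r"\d+", version))

def in_range(installed, range_el):
    # Every bound inside one <range> must hold for the version to be affected.
    for bound in range_el:
        op = OPS[bound.tag.split("}")[-1]]
        if not op(version_key(installed), version_key(bound.text)):
            return False
    return True

def audit(vuxml_text, installed):
    """Return (package, version, vid, topic) for each affected installed package."""
    findings = []
    root = ET.fromstring(vuxml_text)
    for vuln in root.findall("v:vuln", NS):
        topic = vuln.findtext("v:topic", default="", namespaces=NS)
        for pkg in vuln.findall("v:affects/v:package", NS):
            ranges = pkg.findall("v:range", NS)
            for name_el in pkg.findall("v:name", NS):
                ver = installed.get(name_el.text)
                if ver and any(in_range(ver, r) for r in ranges):
                    findings.append((name_el.text, ver, vuln.get("vid"), topic))
    return findings

if __name__ == "__main__":
    for hit in audit(SAMPLE_VUXML, {"exampled": "2.3", "other": "1.0"}):
        print("%s-%s is affected by %s: %s" % hit)
```

Pass `audit()` the text of a VuXML file obtained from a source you trust and a mapping of installed package names to versions.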
