On Wed, Sep 01, 2004 at 11:21:25PM +0200, messmate wrote: > On Wed, 01 Sep 2004 23:54:10 +0900 > Luke Kearney <[EMAIL PROTECTED]> wrote: > > > > >On Wed, 01 Sep 2004 16:55:35 +0200 > >"B.Hansson" <[EMAIL PROTECTED]> spake thus: > >> messmate skrev:
> >> > is there a way to install only parts of the ports tree to set > >> > them up ? The ports tree takes 237M up :( > >> Yes. tar -zxvf ports.tar.gz path/to/port/you/want/to/install > >> That's how I did it. See to it that you have Mk, Templates and such > >> directorys in your /usr/ports dir. > Why is it so insecure have the ports installed ? > When downloading (cvs) i presume ? In general it's not particularly insecure to have the ports tree, or bits of it, installed. However the OP was talking about building a highly secure firewall type system. The idea is to avoid giving an attacker a really handy way of installing any extra software they might want. Not that is makes a huge amount of difference, as when an attacker has achieved that degree of control over the machine, basically all is already lost. Presumably they'll just upload whatever packages they want. In the end, it's a matter of personal preference and the availability of disk space whether you install the ports or not. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgpp6eI0x08K7.pgp
Description: PGP signature