summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorOliver Eikemeier <eik@FreeBSD.org>2004-01-28 16:17:30 +0000
committerOliver Eikemeier <eik@FreeBSD.org>2004-01-28 16:17:30 +0000
commit112248f85d6bf0b543a488c6735d026a56e6aa98 (patch)
treee7136f960e3b2635f8ffc7fcc8b23e6806a500ac /security
parentUpdate to 0.29.01 (diff)
tandart vulnerability test for port auditing systems
This is a package to test FreeBSD port auditing systems, e.g. portaudit and the upcoming VuXML based system. Even though it installs no files, it is listed in the portaudit database as vulnerable. Kind of a EICAR-STANDARD-ANTIVIRUS-TEST-FILE
Diffstat (limited to 'security')
-rw-r--r--security/Makefile1
-rw-r--r--security/vulnerability-test-port/Makefile30
-rw-r--r--security/vulnerability-test-port/pkg-descr20
3 files changed, 51 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index a74cc8081d38..16ef13c9aab2 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -409,6 +409,7 @@
SUBDIR += vpnc
SUBDIR += vpnd
SUBDIR += vscan
+ SUBDIR += vulnerability-test-port
SUBDIR += xca
SUBDIR += xinetd
SUBDIR += xmlsec
diff --git a/security/vulnerability-test-port/Makefile b/security/vulnerability-test-port/Makefile
new file mode 100644
index 000000000000..6b84a50aef4d
--- /dev/null
+++ b/security/vulnerability-test-port/Makefile
@@ -0,0 +1,30 @@
+# New ports collection makefile for: vulnerability-test-port
+# Date created: 25 Jan 2004
+# Whom: Oliver Eikemeier
+#
+# $FreeBSD$
+#
+
+PORTNAME= vulnerability-test-port
+PORTVERSION= ${INSTALLATION_DATE}
+CATEGORIES= security
+DISTFILES=
+
+MAINTAINER= eik@FreeBSD.org
+COMMENT= Standart vulnerability test for port auditing systems
+
+NO_BUILD= yes
+
+.ifdef INSTALLATION_DATE
+MYDATE!= date -j -f "%Y.%m.%d" "${INSTALLATION_DATE}" "+%Y.%m.%d" 2>/dev/null
+.if ${MYDATE} != ${INSTALLATION_DATE}
+IGNORE= ": \`\`${INSTALLATION_DATE}\'\' is not a legal date. INSTALLATION_DATE must be in the form YYYY.MM.DD"
+.endif
+.else
+INSTALLATION_DATE!= date -u "+%Y.%m.%d"
+.endif
+
+do-install:
+ @${DO_NADA}
+
+.include <bsd.port.mk>
diff --git a/security/vulnerability-test-port/pkg-descr b/security/vulnerability-test-port/pkg-descr
new file mode 100644
index 000000000000..a07e1b34e991
--- /dev/null
+++ b/security/vulnerability-test-port/pkg-descr
@@ -0,0 +1,20 @@
+This is a package to test FreeBSD port auditing systems, e.g. portaudit
+and the upcoming VuXML based system. Even though it installs no files,
+it is registered in the local package database.
+
+Its version number is automagically the installation date, so that you
+can update it every day ;-) If the date is off by one day keep in mind
+that the date is in UTC which may differ from your local time up to
+twelve hours, depending on the time zone you live in.
+
+The portaudit database lists yesterday's vulnerability test port as
+vulnerable so that it should appear in your security report approximately
+after a week, depending on the synchronization schedule of your database.
+
+If you try install the port with
+ make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
+the port is instantly flagged as vulnerable and the ports system should
+hinder you installing it (currently not implemented), otherwise your
+vulnerability database is too old.
+
+Oliver Eikemeier <eik@FreeBSD.org>