aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoreik <eik@FreeBSD.org>2004-01-29 00:17:30 +0800
committereik <eik@FreeBSD.org>2004-01-29 00:17:30 +0800
commitad3e3caf045aa343c575221e004b70cb3d0510fa (patch)
treebe419cd3bb3425ccdffd4bce55dcf827373dc1ea
parentcfe8be0f45e5d7b6416eb519c7519558d529fcde (diff)
downloadfreebsd-ports-gnome-ad3e3caf045aa343c575221e004b70cb3d0510fa.tar.gz
freebsd-ports-gnome-ad3e3caf045aa343c575221e004b70cb3d0510fa.tar.zst
freebsd-ports-gnome-ad3e3caf045aa343c575221e004b70cb3d0510fa.zip
tandart vulnerability test for port auditing systems
This is a package to test FreeBSD port auditing systems, e.g. portaudit and the upcoming VuXML based system. Even though it installs no files, it is listed in the portaudit database as vulnerable. Kind of a EICAR-STANDARD-ANTIVIRUS-TEST-FILE
-rw-r--r--ports-mgmt/vulnerability-test-port/Makefile30
-rw-r--r--ports-mgmt/vulnerability-test-port/pkg-descr20
-rw-r--r--security/Makefile1
-rw-r--r--security/vulnerability-test-port/Makefile30
-rw-r--r--security/vulnerability-test-port/pkg-descr20
5 files changed, 101 insertions, 0 deletions
diff --git a/ports-mgmt/vulnerability-test-port/Makefile b/ports-mgmt/vulnerability-test-port/Makefile
new file mode 100644
index 000000000000..6b84a50aef4d
--- /dev/null
+++ b/ports-mgmt/vulnerability-test-port/Makefile
@@ -0,0 +1,30 @@
+# New ports collection makefile for: vulnerability-test-port
+# Date created: 25 Jan 2004
+# Whom: Oliver Eikemeier
+#
+# $FreeBSD$
+#
+
+PORTNAME= vulnerability-test-port
+PORTVERSION= ${INSTALLATION_DATE}
+CATEGORIES= security
+DISTFILES=
+
+MAINTAINER= eik@FreeBSD.org
+COMMENT= Standart vulnerability test for port auditing systems
+
+NO_BUILD= yes
+
+.ifdef INSTALLATION_DATE
+MYDATE!= date -j -f "%Y.%m.%d" "${INSTALLATION_DATE}" "+%Y.%m.%d" 2>/dev/null
+.if ${MYDATE} != ${INSTALLATION_DATE}
+IGNORE= ": \`\`${INSTALLATION_DATE}\'\' is not a legal date. INSTALLATION_DATE must be in the form YYYY.MM.DD"
+.endif
+.else
+INSTALLATION_DATE!= date -u "+%Y.%m.%d"
+.endif
+
+do-install:
+ @${DO_NADA}
+
+.include <bsd.port.mk>
diff --git a/ports-mgmt/vulnerability-test-port/pkg-descr b/ports-mgmt/vulnerability-test-port/pkg-descr
new file mode 100644
index 000000000000..a07e1b34e991
--- /dev/null
+++ b/ports-mgmt/vulnerability-test-port/pkg-descr
@@ -0,0 +1,20 @@
+This is a package to test FreeBSD port auditing systems, e.g. portaudit
+and the upcoming VuXML based system. Even though it installs no files,
+it is registered in the local package database.
+
+Its version number is automagically the installation date, so that you
+can update it every day ;-) If the date is off by one day keep in mind
+that the date is in UTC which may differ from your local time up to
+twelve hours, depending on the time zone you live in.
+
+The portaudit database lists yesterday's vulnerability test port as
+vulnerable so that it should appear in your security report approximately
+after a week, depending on the synchronization schedule of your database.
+
+If you try install the port with
+ make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
+the port is instantly flagged as vulnerable and the ports system should
+hinder you installing it (currently not implemented), otherwise your
+vulnerability database is too old.
+
+Oliver Eikemeier <eik@FreeBSD.org>
diff --git a/security/Makefile b/security/Makefile
index a74cc8081d38..16ef13c9aab2 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -409,6 +409,7 @@
SUBDIR += vpnc
SUBDIR += vpnd
SUBDIR += vscan
+ SUBDIR += vulnerability-test-port
SUBDIR += xca
SUBDIR += xinetd
SUBDIR += xmlsec
diff --git a/security/vulnerability-test-port/Makefile b/security/vulnerability-test-port/Makefile
new file mode 100644
index 000000000000..6b84a50aef4d
--- /dev/null
+++ b/security/vulnerability-test-port/Makefile
@@ -0,0 +1,30 @@
+# New ports collection makefile for: vulnerability-test-port
+# Date created: 25 Jan 2004
+# Whom: Oliver Eikemeier
+#
+# $FreeBSD$
+#
+
+PORTNAME= vulnerability-test-port
+PORTVERSION= ${INSTALLATION_DATE}
+CATEGORIES= security
+DISTFILES=
+
+MAINTAINER= eik@FreeBSD.org
+COMMENT= Standart vulnerability test for port auditing systems
+
+NO_BUILD= yes
+
+.ifdef INSTALLATION_DATE
+MYDATE!= date -j -f "%Y.%m.%d" "${INSTALLATION_DATE}" "+%Y.%m.%d" 2>/dev/null
+.if ${MYDATE} != ${INSTALLATION_DATE}
+IGNORE= ": \`\`${INSTALLATION_DATE}\'\' is not a legal date. INSTALLATION_DATE must be in the form YYYY.MM.DD"
+.endif
+.else
+INSTALLATION_DATE!= date -u "+%Y.%m.%d"
+.endif
+
+do-install:
+ @${DO_NADA}
+
+.include <bsd.port.mk>
diff --git a/security/vulnerability-test-port/pkg-descr b/security/vulnerability-test-port/pkg-descr
new file mode 100644
index 000000000000..a07e1b34e991
--- /dev/null
+++ b/security/vulnerability-test-port/pkg-descr
@@ -0,0 +1,20 @@
+This is a package to test FreeBSD port auditing systems, e.g. portaudit
+and the upcoming VuXML based system. Even though it installs no files,
+it is registered in the local package database.
+
+Its version number is automagically the installation date, so that you
+can update it every day ;-) If the date is off by one day keep in mind
+that the date is in UTC which may differ from your local time up to
+twelve hours, depending on the time zone you live in.
+
+The portaudit database lists yesterday's vulnerability test port as
+vulnerable so that it should appear in your security report approximately
+after a week, depending on the synchronization schedule of your database.
+
+If you try install the port with
+ make INSTALLATION_DATE=`date -u -v-14d "+%Y.%m.%d"` install
+the port is instantly flagged as vulnerable and the ports system should
+hinder you installing it (currently not implemented), otherwise your
+vulnerability database is too old.
+
+Oliver Eikemeier <eik@FreeBSD.org>