[Secure-testing-team] DTSA announcements
Florian Weimer
fw at deneb.enyo.de
Wed Aug 22 09:19:09 UTC 2007
* Luk Claes:
> debsecan needs at least python (besides a MTA when mail is wanted) which
> is not always wanted... it's also host based which has some advantages,
> but also some disadvantages...
Technically, you aren't forced to run debsecan on the host that's
being analyzed. You can copy /var/lib/dpkg/status and run debsecan on
it on another box. But I don't think anyone is doing it in some form
of automated process, and there are likely a few debsecan features
which would have to be implemented before this becomes feasible.
More information about the Secure-testing-team
mailing list