| Summary: | flexresp should be optional in snort ebuilds | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Martin Jackson (RETIRED) <mjolnir> |
| Component: | New packages | Assignee: | Michael Boman (RETIRED) <mboman> |
| Status: | RESOLVED TEST-REQUEST | ||
| Severity: | normal | CC: | aliz, solar, vapier |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | x86 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Martin Jackson (RETIRED)
2003-11-22 19:17:26 UTC
I wonder if the whole flexresp functionaility shouldn't be dropped as whole actually. It gives the user of the software a false "snort will protect me from bad guys" sense of security, while providing zero protection in the default setup (and most people actually do run default setups) and limited functionallity when it is in use. Anyway, if you think it's still a good idea to keep flexresp support in Snort I'll add the local USE flag to the ebuild. I'd like to hear what you guys think of this. I wasn't planning on actually using flexresp - if you want to be a black hole (which I do), just about the worst thing you can do is start sending ICMP unreachables or whatever when a hostile scanner passes by. I suppose it would be easy enough for someone with proper motivation to put the --enable-flexresp line back into the ebuild if it came out completely... I am preparing a updated ebuild that disables flexresp by default unless a (local) "flexresp" USE flag has been specified. If you have anything against this please voice out now. Ok, commited snort-2.0.5-r1:
- Made flexresp optional (controlled by "flexresp" local USE flag)
- Made smbalert optional (controlled by "samba" USE flag).
- Threading support was never officially supported in Snort, and has
been removed from ebuild now as the code is, if not already has been,
cleaned from the source tree.
- Updated prelude patch.
- Assigned myself as the primary maintainer of this ebuild, with the
hardened as the herd.
|