Feature Requests item #1579892, was opened at 2006-10-18
14:21
Message generated for change (Tracker Item Submitted) made
by Item Submitter
You can respond by visiting:
https://sourcefo
rge.net/tracker/?func=detail&atid=725142&aid=1579892
&group_id=132104
Please note that this message will contain a full copy of
the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Interface Improvements (example)
Group: None
Status: Open
Priority: 5
Submitted By: squeege (squeege)
Assigned to: Nobody/Anonymous (nobody)
Summary: Manual/Automatic Software Updates for Endian
Community?
Initial Comment:
First - congratulations for a great job on this
distribution. It's a great project/product and provides
a great service to the community at large.
I and several of my colleagues are running Endian
firewall in our homes, and for friends & family.
Though I am concerned about the static nature of the
Endian Community distro, many of the software packages
that it uses, e.g. clamav, are not being updated; this
leaves the firewall vulnerable to exploitation.
There are several packages (notably clamav) within the
Endian 2 Community distro, that have since been patched
for known vulnerabilities (and sometimes exploits), but
Endian has no facility for updating these.
Asides from automatic definition or blacklist updates,
it would be a huge benefit if the critical software
components that are prone to exploitation (like clamav)
could be updated within the Endian framework.
I realize that you may reserving some of these more
advanced features for the commercial version of the
product, but perhaps you could make it possible for the
community version to get some of these important
updates, albeit on a less frequent basis, e.g. only
when critical to security.
Perhaps something in the spirit of the Snort rules
tiered distribution system? Your paying customers get
the full service (feature updates, minor patches,
etc.), the registered community users would be allowed
only critical updates/fixes, unregistered users are
left as-is until the next major release.
This would make a great project even better, and I
don't think it would impact your business revenue
adversely.
Again, great job guys.
Long live open-source software!
Best Regards,
Alessandro Di Giuseppe
GSEC, Security+, Network+, MCP
------------------------------------------------------------
----------
You can respond by visiting:
https://sourcefo
rge.net/tracker/?func=detail&atid=725142&aid=1579892
&group_id=132104
------------------------------------------------------------
-------------
Using Tomcat but need to do more? Need to support web
services, security?
Get stuff done quickly with pre-integrated technology to
make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on
Apache Geronimo
http://sel.as-us.falkag.net/
sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Efw-devel mailing list
Efw-devel lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-devel
|