freebsd-update question

J

jgh@

Developer
For this question, please assume you run your own update server, and have your own unique KeyPrint.

Do you think it would be a security issue to have the freebsd-update -s server -k key cron in /etc/crontab, or root users crontab (ie. crontab -e )?

I would like to avoid modifying and managing the /etc/freebsd-update.conf file, as it may change in the future.
 
Wouldn't that depend on who's trusted or untrusted and local to the machine? Id say if you trust whoever is local to it then that would be fine. But take it with a grain of salt, i'll be watching this thread to see what others have to say.
 
How is that any different though, then just keeping it in a configuration file?
 
That was exactly my theory, I don't see how it would matter or impose any more risk having it in a different file. Just chmod it read only to the service that needs to read it. But I wasn't sure I am waiting for someone with more experience to chime in here. But I agree with you it should not make a difference.
 
You must log in or register to reply here.
Back
Top