Proposed: task-secure-system package
Sun and other Unix vendors have a variety of programs that you can download 
and run on their OSs to check for old/buggy versions of programs.
I think that it would be good if there was a task-secure-system package for 
Debian that did this.  The first thing that such a package would do is demand 
that the secure versions of all packages be installed, to do this it could 
conflict with the last insecure version of each package that has ever had a 
security bug reported against it.
Then if you are confronted with an old Debian machine and you don't know if 
it has all the security holes fixed then you could just install this package.
Then it could suggest/recommend/depend on the installation of other things 
that enhance security.
Currently I can't develop this myself because I am currently only a sponsored 
developer and thus can't guarantee the fast response that a security package 
needs.  Also I am rather busy on other things at the moment.
But if this is felt to be a good idea and no-one else volunteers before my 
application gets processed then I will ITP it.
-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page
Reply to: