From owner-freebsd-questions@FreeBSD.ORG Sun Jan 13 18:58:54 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F3CD716A46E for ; Sun, 13 Jan 2008 18:58:53 +0000 (UTC) (envelope-from jhary@unsane.co.uk) Received: from unsane.co.uk (www.unsane.co.uk [85.233.185.162]) by mx1.freebsd.org (Postfix) with ESMTP id 6E96113C44B for ; Sun, 13 Jan 2008 18:58:53 +0000 (UTC) (envelope-from jhary@unsane.co.uk) Received: from crab.unsane.co.uk (crab.unsane.co.uk [10.0.0.111]) (authenticated bits=0) by unsane.co.uk (8.14.0/8.14.0) with ESMTP id m0DIQWha005802 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 13 Jan 2008 18:26:32 GMT (envelope-from jhary@unsane.co.uk) Message-ID: <478A5769.8000904@unsane.co.uk> Date: Sun, 13 Jan 2008 18:24:41 +0000 From: Vince User-Agent: Thunderbird 2.0.0.9 (X11/20071121) MIME-Version: 1.0 To: =?ISO-2022-JP?B?GyRCSjhEOxsoQg==?= References: <4789F7DE.9090905@cederstrand.dk> <478A238A.4060106@cederstrand.dk> In-Reply-To: Content-Type: text/plain; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org, Erik Cederstrand Subject: Re: Secure update of /usr/src X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jan 2008 18:58:54 -0000 Hi, 文鳥 wrote: > 08/01/13 に Erik Cederstrand さんは書きました: >> 文鳥 wrote: >>> 2008/1/13, Erik Cederstrand : >>>> 文鳥 wrote: >>>>> Hello all, >>>>> >>>>> is there any way to securely follow the STABLE branch of FreeBSD, e.g. >>>>> a cryptographically signed distribution method like portsnap? Afaik, >>>>> the usual update methods (CVSup, etc.) do not include any >>>>> authentication / integrity checking. Am I missing something here? >>>> freebsd-update(8) is portsnap for the base system. However, you can only >>>> follow RELEASE branches, not STABLE. >>>> >>>> Erik < >> Erik >> > Yes, I am aware of that fact. However, 7.x STABLE is the only version > apart from CURRENT that I was able to get working reliably on the > hardware in question. And alas, even though the system in question is > used for testing only,I am still bound by the company security policy > in this matter... Guess I will have to wait until 7.0 is released. > Thanks for your help in this matter. > I'm not suer how often its updated but you can to a limited degree follow the RELENG_7_0 branch via freebsd-update already (see http://www.daemonology.net/blog/2007-11-11-freebsd-major-version-upgrade.html) However I'd say overall you may be better waiting for the release. Vince _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"