Date: Thu, 12 Apr 2001 10:53:56 +0100 From: Rasputin <rara.rasputin@virgin.net> To: Roger Marquis <marquis@roble.com> Cc: security@freebsd.org Subject: Re: Security Announcements & Incremental Patches Message-ID: <20010412105356.A88231@dogma.freebsd-uk.eu.org> In-Reply-To: <Pine.BSF.4.21.0104111214510.52823-100000@roble.com>; from marquis@roble.com on Wed, Apr 11, 2001 at 12:36:57PM -0700 References: <bulk.49307.20010411114848@hub.freebsd.org> <Pine.BSF.4.21.0104111214510.52823-100000@roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Roger Marquis <marquis@roble.com> [010411 20:38]: > Scott Johnson wrote: > > There is a difference between security fixes and a 'more low-key and > > conservative set of changes intended for our next mainstream release'. > > I think this is a point many posters are missing. Production > systems administration has to be conservative. A good systems > administrator would *NEVER* run cvsup or -STABLE on a revenue > generating production server for example. Change deltas must be > kept to a minimum to minimize the risk of downtime or application > problems. I agree with you here. I've seen the performance and reliability of my box increase from tracking STABLE, but it's a home system. Remotely upgrading enterprise boxes is a differnet ball game entirely, but there are always going to be risks doing that, and I don't know of any way to eliminate them. A kernel bug fix tends to need a reboot. > > I just want to add my voice as to how I use FreeBSD. Simply saying 'use > > - -STABLE' to those of us running -RELEASE on production systems isn't > > appropriate, > > Agreed. It might be worthwhile to point out that Linux is gaining > market share by leaps and bounds while FreeBSD's user base remains > relatively stagnant for *exactly* this reason. Why? Because RedHat only provide updates as individual RPMS, so updating a system from one version to another was always a complete nightmare? (Exhibit A being shipping the new version of RPM as an RPM. In the new package format.) A central source tree form kernel and userland is BSDs crtowning glory, IMO. But that's not to say that patches aren't an option. > This is all IMHO. Perhaps I'm just spoiled by Solaris' patch > process. Yet we have seen a significant increase in Sun purchases > thanks to their Blade 100 and it's $1000 price (headless). The > FreeBSD community has to make the choice: do you want to FreeBSD > to be a great developer's OS and an also-ran production platform > (Dag-Erling Smorgrav's "submit patches or shut up") or would it be > better in the long term to shift some resources (like incremental > security patches) in order to boost market share? IMO, all contact I've had with the FreeBSd team has been motivated out of a genuine need to create a good product. Saying they do this to 'increase market share' does them a disservice. Their motivation to me has always seemed to be to make an OS that sucks less than any other, whether or not that's commercially attractive. -- Rasputin Jack of All Trades :: Master of Nuns To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010412105356.A88231>