From owner-freebsd-security Sat Oct 7 14:46:51 2000 Delivered-To: freebsd-security@freebsd.org Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (Postfix) with ESMTP id 23BA437B502; Sat, 7 Oct 2000 14:46:41 -0700 (PDT) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id QAA18820; Sat, 7 Oct 2000 16:46:23 -0500 (CDT) (envelope-from jeff-ml@mountin.net) Received: from dial-88.max1.wa.cyberlynk.net(207.227.118.88) by peak.mountin.net via smap (V1.3) id sma018818; Sat Oct 7 16:46:20 2000 Message-Id: <4.3.2.20001007161924.00b72460@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Sat, 07 Oct 2000 16:45:49 -0500 To: "Matthew D. Fuller" , Jordan Hubbard From: "Jeffrey J. Mountin" Subject: Re: Stable branch Cc: Robert Watson , John Baldwin , freebsd-security@FreeBSD.ORG, cvs-committers@FreeBSD.ORG In-Reply-To: <20001006180148.B29088@futuresouth.com> References: <3175.970802405@winston.osd.bsdi.com> <3175.970802405@winston.osd.bsdi.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 06:01 PM 10/6/00 -0500, Matthew D. Fuller wrote: --snip-- >I think it might actually be easier to suck up and branch each release, >and stick security fixes on the branch, than to shoot this idea down >every few months for the rest of our lives ;) Then you might want to consider doing all the extra work involved in such a scheme or buy a lot of gifts for those that must then commit to 6 branches for 3.x and 3 (so far) for 4.x, etc. You seem to have completely missed Jordan's point this time and his previous point on wishing that commiters were better at merging stuff back from -current. The idea of binary patches for releases is better. Just hope that any such mechanism wouldn't end up like IRIX and be more of PITA than it is worth. Also means more time and resources are needed when bug/security fixes need to be merged back. A required patch set would be easier to avoid problems with a mix 'n' match scheme. Also seem to recall that branches are "expensive" with CVS. Not sure if that is just a one-time deal when laying a tag or a continuing liability. Regardless of the ideas that have cropped up on the various lists recently, it seems that the true "armchair generals" seem to forget the troops can just walk away without being deserters, so making things more difficult is NOT going to mean better results if the troops are not happy or leave the field. You could say I'm tired of hearing ideas that make *their* life better and don't consider the hassles induced by changing the production method. I'm not picking on Matt either, but it would explain why some ideas are shot down on a regular basis (ie bad/difficult then and still are). Jeff Mountin - jeff@mountin.net Systems/Network Administrator FreeBSD - the power to serve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message