Date: Fri, 19 Apr 2002 03:21:34 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Brett Glass <brett@lariat.org> Cc: David Wolfskill <david@catwhisker.org>, schulte+freebsd@nospam.schulte.org, security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <20020419002134.GA11682@hades.hell.gr> In-Reply-To: <4.3.2.7.2.20020418114128.02156980@nospam.lariat.org> References: <4.3.2.7.2.20020418095356.024354c0@nospam.lariat.org> <4.3.2.7.2.20020418114128.02156980@nospam.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2002-04-18 11:42, Brett Glass wrote: > At 10:18 AM 4/18/2002, David Wolfskill wrote: > > >If you have systems that are that important to you -- and I do, even > >here at home -- then acquire a machine to do the builds, and then use > >some method other than "build in place" to install the result. > > That's not sufficient to ensure that you didn't pick the wrong time > to take a snapshot. Production machines must run a known good > snapshot. Err, what ever happened to the old practice of building the snapshot on sufficiently `identical' machines and testing it there before deploying[0] it on production use? [0] I hate me already for using this word :) - Giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020419002134.GA11682>