Date: Sat, 16 Dec 2000 13:50:46 -0600 (CST) From: James Wyatt <jwyatt@rwsystems.net> To: Roman Shterenzon <roman@xpert.com> Cc: James Lim <jameslpin@pacific.net.sg>, security@FreeBSD.ORG Subject: Re: Security Update Tool.. Message-ID: <Pine.BSF.4.10.10012161217090.29496-100000@bsdie.rwsystems.net> In-Reply-To: <Pine.LNX.4.30.0012161727030.32357-100000@jamus.xpert.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 16 Dec 2000, Roman Shterenzon wrote: > On Sat, 16 Dec 2000, James Lim wrote: > > Seems like today we have 2 ideas, ports autoupdate utility ( > > security checks too ) as well as for the src base itself? > ports auto-update is BAD, BAD, BAD. > 1) don't fix what's not broken > 2) newer versions tend to be more bloated and more prone to bugs. 1) This is to fix what *is* broken, isn't it? 2) sometimes - depends on what the update does and who's developing. Many of the wuftpd updates make it better even if checking for bounds causes code bloat. (^_^) Major reconstructs commonly have more bugs than fixes, but I've seen quite a few simple updates that fix something that needed to be fixed ASAP. A smoke alarm for these could be great! Several folks have pointed-out that automagic updates would be "bad", but something that just let you know when you should look at upgrading something would be great. Some folks see how cool Windows update works, some folks see it could be deadly - it's both and we could do better. The thing I like least about it is that I can't keep a copy of the update files so I can fix several hosts or rebuild broken ones w/o going through the whole site again. I don't like automagic rebuilds of ports because several of my ports have twists in them for local alterations. For example, I needed to modify both smail and cucipop for adding whosond support to prevent relaying but allow my users to roam freely. Auto remakes would likely die on patching or screw things up more than I could quickly notice, figure out, and fix. Of course, like many, I have more ideas than patches... - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10012161217090.29496-100000>