From owner-freebsd-security Fri Apr 19 5: 9:26 2002 Delivered-To: freebsd-security@freebsd.org Received: from figg.isecure.com.au (ns2.isecure.com.au [202.125.4.72]) by hub.freebsd.org (Postfix) with ESMTP id E623F37B416 for ; Fri, 19 Apr 2002 05:08:57 -0700 (PDT) Received: from iron.isentry.net.au (iron.isecure.com.au [202.125.4.94] (may be forged)) by figg.isecure.com.au (8.11.3/8.11.3) with ESMTP id g3JC8uL01268 for ; Fri, 19 Apr 2002 22:08:56 +1000 Received: (from smap@localhost) by iron.isentry.net.au (8.11.2/8.10.2) id g3JC8tw14047 for ; Fri, 19 Apr 2002 22:08:55 +1000 (EST) X-Authentication-Warning: iron.isentry.net.au: smap set sender to using -f Received: from nodnsquery(10.11.3.10) by iron via smap (V5.5) id xma014039; Fri, 19 Apr 02 22:08:49 +1000 Received: from vmail.aipo.gov.au (localhost [127.0.0.1]) by gibbons.isecure.com.au (8.11.3/8.10.2) with ESMTP id g3JC8nT25492 for ; Fri, 19 Apr 2002 22:08:49 +1000 Received: from stan.aipo.gov.au (wf-105.aipo.gov.au [192.168.1.105]) by vmail.aipo.gov.au (8.11.6/8.11.6) with ESMTP id g3JC8li25983 for ; Fri, 19 Apr 2002 22:08:48 +1000 (EST) (envelope-from anwsmh@IPAustralia.Gov.AU) Received: (from anwsmh@localhost) by stan.aipo.gov.au (8.11.6/8.11.6) id g3JC8mk00435 for security@FreeBSD.ORG; Fri, 19 Apr 2002 22:08:48 +1000 (EST) (envelope-from anwsmh@IPAustralia.Gov.AU) X-Authentication-Warning: stan.aipo.gov.au: anwsmh set sender to anwsmh@IPAustralia.Gov.AU using -f Date: Fri, 19 Apr 2002 22:08:48 +1000 From: Stanley Hopcroft To: security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <20020419220844.D190@IPAustralia.Gov.AU> References: <20020418181744.45846.qmail@web14201.mail.yahoo.com> <4.3.2.7.2.20020418135706.02192c60@nospam.lariat.org> <3CBFCF67.3119.3C78042@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3CBFCF67.3119.3C78042@localhost>; from Mlobo@ear.com.br on Fri, Apr 19, 2002 at 08:04:01AM -0300 Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by gibbons.isecure.com.au id g3JC8nT25492 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dear Ladies and Gentlemen, I am writing to say that this has been an admirable thread and sum up by saying that it's unlikely the FreeBSD upgrade system is likely to satisfy the characters depicted below. However, they may be better off with other operating systems. Is this argument really anything more than OS Y does X better ? Granted that the upgrade system could be improved, I think that this is an opportunity for others to step forward, since the projects resources probably don't give it the priority the plaintiffs think it needs. I think the project delivers well in areas such as=20 . stability . applications . device support . performance . security These are more important to me than the upgrade path (which meets my relatively low tech needs). Surely not many are as impressed by upgradability - pain in anyones language - as features. BTW, it seems to me that the skills required to safely upgrade any OS are not coding skills and are unlikely to be found among casual computer users. I am neither coder nor sys admin, yet the use of CVS and friends, once I bit the bullet, wasn't all that daunting. Would it be as hard as learning UML, J2EE, writing a parser ? I don't think so. On Fri, Apr 19, 2002 at 08:04:01AM -0300, Mario Lobo wrote: > I=B4ve been following this thread since it started and this is the DEFI= NITE=20 > exposition of the problem that Brett has been trying to show since the=20 > beginning. To anyone that that thinks there is not really an issue here= , the=20 > last paragraph applies. >=20 > Brett, you next step (if there is any next step) is to use apples and o= ranges!! >=20 > Mario Lobo >=20 > >=20 > > We need to address this. Not only would it help newcomers; it would > > also help admins who just want to do a quick, no-hassle upgrade that > > includes the latest security fixes. We should NOT say, "the heck with= =20 > > them if they're not willing to learn all sorts of developer stuff on=20 > > the spot." That's pointless elitism. And we shouldn't make it > > unreasonably hard for admins to update... or they might not do it. > > And then, when their systems are broken into, FreeBSD's reputation=20 > > as a secure OS suffers. Thank you, Yours sincerely. --=20 ------------------------------------------------------------------------ Stanley Hopcroft Network Specialist ------------------------------------------------------------------------ '...No man is an island, entire of itself; every man is a piece of the continent, a part of the main. If a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friend's or of thine own were. Any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee...' from Meditation 17, J Donne. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message