Date: Tue, 23 May 2006 04:39:38 +0200
From: Clemens Renner <claim@rinux.net>
To: Peter Jeremy <peterjeremy@optushome.com.au>
Cc: freebsd security <freebsd-security@freebsd.org>
Subject: Re: FreeBSD Security Survey
Message-ID: <447275EA.10505@rinux.net>
In-Reply-To: <20060522192350.GB712@turion.vk2pj.dyndns.org>
References: <20060522152011.10728.qmail@do.sefao.com> <20060522192350.GB712@turion.vk2pj.dyndns.org>
> Finally, it only takes one security failure in the update process for
> someone undesirable to "own" all the FreeBSD machines that have been
> left in this default mode. Despite the best efforts of FreeBSD
> developers, FreeBSD will always contain bugs and some of them will
> be security holes. Any automatic update process needs to balance
> the benefits of reducing the number of unpatched boxes against the
> risks of the update system being subverted.

I couldn't agree more. One of the major problems with unattended/automatic updating is that it is hard to filter them. I don't install updates on a system that doesn't _need_ them.

I think that the solution to this problem lies in a reliable and comprehensive notification mechanism for admins that tells them to upgrade once some part (base or ports) of the system is vulnerable to attacks. And as a second part of the solution, I'd like to see handy tools to ease the actual upgrading process for the admin.

The notification mechanism is okay via mailing lists, although that requires an admin to memorize a list of installed packages/ports, which can be a pain with lots of boxes to take care of. Personally, I like the way portaudit works, notifying me (via the daily run) of any pending issues. It's a very effective system mainly because it keeps nagging you every day and makes it hard to forget about an issue that still applies.

In a different corner is portupgrade, which basically constitutes a highly usable tool but has minor annoyances that really complicate things. For example, when upgrading MySQL -- even with mysql_enable=YES in rc.conf, portupgrade will stop the server but not restart it. Is there any plausible reason for this behaviour? I can't think of any. In fact, I resort to

    # portupgrade mysql-server && /usr/local/etc/rc.d/mysql restart

which is really annoying if a lot of services will be upgraded that aren't automatically restarted. This would be a good thing to take care of.
All in all: FreeBSD is my system of choice for servers, Gentoo for workstations (which is pretty much like a Linux-flavoured FreeBSD). Especially due to the still almost painless way of keeping the system current.

Cheers
Clemens
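The "stop but don't restart" annoyance above is really a gap between the upgrade tool and rc.conf: rc.conf already records which services the admin wants running, so a restart step can be driven from it instead of being typed by hand for every port. The wrapper below is an added example, not part of Clemens's message or of portupgrade itself. It assumes rc.conf uses the usual NAME_enable=YES form, that each service has an rc.d script under /usr/local/etc/rc.d that accepts a "restart" argument (as in the command quoted above), and that the port name and the service name are supplied separately by the caller, since they do not always coincide; the rc.conf contents used for testing are constructed.

```shell
#!/bin/sh
# Added example (not from the original message): after a portupgrade run,
# restart only the services that rc.conf says should be running.
# Assumptions: rc.conf uses NAME_enable=YES (any case, optionally quoted),
# and each service has an executable rc.d script $RC_DIR/NAME that
# understands "restart". Paths can be overridden through the environment.

RC_CONF="${RC_CONF:-/etc/rc.conf}"
RC_DIR="${RC_DIR:-/usr/local/etc/rc.d}"

# service_enabled NAME [RCCONF]
# Exit 0 when NAME_enable is YES in RCCONF. Commented-out lines are ignored,
# and the last assignment in the file wins, as it does when rc.conf is sourced.
service_enabled() {
    name=$1
    conf=${2:-$RC_CONF}
    [ -r "$conf" ] || return 1
    value=$(sed -n "s/^[[:space:]]*${name}_enable=[\"']\{0,1\}\([A-Za-z]*\)[\"']\{0,1\}.*/\1/p" "$conf" | tail -n 1)
    case "$value" in
        [Yy][Ee][Ss]) return 0 ;;
        *)            return 1 ;;
    esac
}

# restart_if_enabled NAME [SCRIPT]
# Restart NAME through its rc.d script only when rc.conf enables it.
# Returns 0 after a restart, 2 when skipped because the service is disabled,
# 1 when the service is enabled but its rc.d script is missing.
restart_if_enabled() {
    name=$1
    script=${2:-$RC_DIR/$name}
    if ! service_enabled "$name"; then
        echo "skip: ${name}_enable is not YES in $RC_CONF"
        return 2
    fi
    if [ ! -x "$script" ]; then
        echo "enabled but no rc.d script for $name at $script" >&2
        return 1
    fi
    "$script" restart
}

# upgrade_and_restart PORT SERVICE...
# Run portupgrade for PORT, then restart each listed SERVICE that rc.conf
# enables. A disabled service is simply skipped; a missing script is an error.
upgrade_and_restart() {
    port=$1
    shift
    portupgrade "$port" || return $?
    for svc in "$@"; do
        rc=0
        restart_if_enabled "$svc" || rc=$?
        [ "$rc" -eq 1 ] && return 1
    done
    return 0
}

# Run as "sh upgrade-restart.sh mysql-server mysql" to upgrade and restart;
# with no arguments (or when sourced) it only defines the functions.
if [ $# -gt 0 ]; then
    upgrade_and_restart "$@"
fi
```

The rc.conf check is the part worth keeping even if the restart mechanics change: it means a service the admin deliberately disabled never gets started by an upgrade, which is the same policy rc(8) applies at boot.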
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?447275EA.10505>